Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8
9(* constrain sledgehammer to the abstraction layer *)
10unbundle AOT_no_atp
11
12AOT_theorem "modus-ponens": assumes φ and φ  ψ shows ψ
13  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
14lemmas MP = "modus-ponens"
15
16AOT_theorem "non-con-thm-thm": assumes  φ shows  φ
17  using assms by simp
18
19AOT_theorem "vdash-properties:1[1]": assumes φ  Λ shows  φ
20  using assms unfolding AOT_model_act_axiom_def by blast (* NOTE: semantics needed *)
21
22text‹Convenience attribute for instantiating modally-fragile axioms.›
23attribute_setup act_axiom_inst =
24  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
25  "Instantiate modally fragile axiom as modally fragile theorem."
26
27AOT_theorem "vdash-properties:1[2]": assumes φ  Λ shows  φ
28  using assms unfolding AOT_model_axiom_def by blast (* NOTE: semantics needed *)
29
30text‹Convenience attribute for instantiating modally-strict axioms.›
31attribute_setup axiom_inst =
32  ‹Scan.succeed (Thm.rule_attribute [] (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
33  "Instantiate axiom as theorem."
34
35text‹Convenience methods and theorem sets for applying "cqt:2".›
36method cqt_2_lambda_inst_prover = (fast intro: AOT_instance_of_cqt_2_intro)
37method "cqt:2[lambda]" = (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
38lemmas "cqt:2" = "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst] AOT_instance_of_cqt_2_intro
39method "cqt:2" = (safe intro!: "cqt:2")
40
41AOT_theorem "vdash-properties:3": assumes  φ shows Γ  φ
42  using assms by blast
43
44AOT_theorem "vdash-properties:5": assumes Γ1  φ and Γ2  φ  ψ shows Γ1, Γ2  ψ
45  using MP assms by blast
46
47AOT_theorem "vdash-properties:6": assumes φ and φ  ψ shows ψ
48  using MP assms by blast
49
50AOT_theorem "vdash-properties:8": assumes Γ  φ and φ  ψ shows Γ  ψ
51  using assms by argo
52
53AOT_theorem "vdash-properties:9": assumes φ shows ψ  φ
54  using MP "pl:1"[axiom_inst] assms by blast
55
56AOT_theorem "vdash-properties:10": assumes φ  ψ and φ shows ψ
57  using MP assms by blast
58lemmas "→E" = "vdash-properties:10"
59
60AOT_theorem "rule-gen": assumes for arbitrary α: φ{α} shows α φ{α}
61  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall) (* NOTE: semantics needed *)
62lemmas GEN = "rule-gen"
63
64AOT_theorem "RN[prem]": assumes Γ  φ shows Γ  φ
65  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
66AOT_theorem RN: assumes  φ shows φ
67  using "RN[prem]" assms by blast
68
69AOT_axiom "df-rules-formulas[1]": assumes φ df ψ shows φ  ψ
70  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
71AOT_axiom "df-rules-formulas[2]": assumes φ df ψ shows ψ  φ
72  using assms by (simp_all add: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp) (* NOTE: semantics needed *)
73(* NOTE: for convenience also state the above as regular theorems *)
74AOT_theorem "df-rules-formulas[3]": assumes φ df ψ shows φ  ψ
75  using "df-rules-formulas[1]"[axiom_inst, OF assms].
76AOT_theorem "df-rules-formulas[4]": assumes φ df ψ shows ψ  φ
77  using "df-rules-formulas[2]"[axiom_inst, OF assms].
78
79
80AOT_axiom "df-rules-terms[1]":
81  assumes τ{α1...αn} =df σ{α1...αn}
82  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
83  using assms by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
84AOT_axiom "df-rules-terms[2]":
85  assumes τ =df σ
86  shows (σ  τ = σ) & (¬σ  ¬τ)
87  by (metis "df-rules-terms[1]" case_unit_Unity assms)
88(* NOTE: for convenience also state the above as regular theorems *)
89AOT_theorem "df-rules-terms[3]":
90  assumes τ{α1...αn} =df σ{α1...αn}
91  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) & (¬σ{τ1...τn}  ¬τ{τ1...τn})
92  using "df-rules-terms[1]"[axiom_inst, OF assms].
93AOT_theorem "df-rules-terms[4]":
94  assumes τ =df σ
95  shows (σ  τ = σ) & (¬σ  ¬τ)
96  using "df-rules-terms[2]"[axiom_inst, OF assms].
97
98
99AOT_theorem "if-p-then-p": φ  φ
100  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
101
102AOT_theorem "deduction-theorem": assumes φ  ψ shows φ  ψ
103  using assms by (simp add: AOT_sem_imp) (* NOTE: semantics needed *)
104lemmas CP = "deduction-theorem"
105lemmas "→I" = "deduction-theorem"
106
107AOT_theorem "ded-thm-cor:1": assumes Γ1  φ  ψ and Γ2  ψ  χ shows Γ1, Γ2  φ  χ
108  using "→E" "→I" assms by blast
109AOT_theorem "ded-thm-cor:2": assumes Γ1  φ  (ψ  χ) and Γ2  ψ shows Γ1, Γ2  φ  χ
110  using "→E" "→I" assms by blast
111
112AOT_theorem "ded-thm-cor:3": assumes φ  ψ and ψ  χ shows φ  χ
113  using "→E" "→I" assms by blast
114declare "ded-thm-cor:3"[trans]
115AOT_theorem "ded-thm-cor:4": assumes φ  (ψ  χ) and ψ shows φ  χ
116  using "→E" "→I" assms by blast
117
118lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
119
120AOT_theorem "useful-tautologies:1": ¬¬φ  φ
121  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
122AOT_theorem "useful-tautologies:2": φ  ¬¬φ
123  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
124AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
125  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
126AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
127  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
128AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
129  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
130
131AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
132  by (metis "→I" MP "useful-tautologies:4")
133
134AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
135  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
136
137AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
138  by (metis "→I" MP "useful-tautologies:5")
139
140AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
141  by (metis "→I" MP "useful-tautologies:6")
142
143AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
144  by (metis "→I" MP "pl:3"[axiom_inst])
145
146AOT_theorem "dn-i-e:1": assumes φ shows ¬¬φ
147  using MP "useful-tautologies:2" assms by blast
148lemmas "¬¬I" = "dn-i-e:1"
149AOT_theorem "dn-i-e:2": assumes ¬¬φ shows φ
150  using MP "useful-tautologies:1" assms by blast
151lemmas "¬¬E" = "dn-i-e:2"
152
153AOT_theorem "modus-tollens:1": assumes φ  ψ and ¬ψ shows ¬φ
154  using MP "useful-tautologies:5" assms by blast
155AOT_theorem "modus-tollens:2": assumes φ  ¬ψ and ψ shows ¬φ
156  using "¬¬I" "modus-tollens:1" assms by blast
157lemmas MT = "modus-tollens:1" "modus-tollens:2"
158
159AOT_theorem "contraposition:1[1]": assumes φ  ψ shows ¬ψ  ¬φ
160  using "→I" MT(1) assms by blast
161AOT_theorem "contraposition:1[2]": assumes ¬ψ  ¬φ shows φ  ψ
162  using "→I" "¬¬E" MT(2) assms by blast
163
164AOT_theorem "contraposition:2": assumes φ  ¬ψ shows ψ  ¬φ
165  using "→I" MT(2) assms by blast
166
167(* TODO: this is actually a mixture of the two variants given in PLM; adjust. *)
168AOT_theorem "reductio-aa:1":
169  assumes ¬φ  ¬ψ and ¬φ  ψ shows φ
170  using "→I" "¬¬E" MT(2) assms by blast
171AOT_theorem "reductio-aa:2":
172  assumes φ  ¬ψ and φ  ψ shows ¬φ
173  using "reductio-aa:1" assms by blast
174lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
175
176AOT_theorem "exc-mid": φ  ¬φ
177  using "df-rules-formulas[4]" "if-p-then-p" MP "conventions:2" by blast
178
179AOT_theorem "non-contradiction": ¬(φ & ¬φ)
180  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2" "conventions:1" by blast
181
182AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
183  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
184AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
185  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2) "¬¬E" "conventions:1")
186lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
187
188AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
189  by (meson "contraposition:1[2]" "df-rules-formulas[4]" MP "→I" "conventions:2")
190AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
191  using "Hypothetical Syllogism" "df-rules-formulas[4]" "pl:1"[axiom_inst] "conventions:2" by blast
192lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
193
194AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
195  by (metis "contraposition:2" "Hypothetical Syllogism" "→I" "df-rules-formulas[4]" "conventions:1")
196lemmas Adjunction = "con-dis-taut:5"
197
198AOT_theorem "con-dis-taut:6": (φ & φ)  φ
199  by (metis Adjunction "→I" "df-rules-formulas[4]" MP "Conjunction Simplification"(1) "conventions:3")
200lemmas "Idempotence of &" = "con-dis-taut:6"
201
202AOT_theorem "con-dis-taut:7": (φ  φ)  φ
203proof -
204  {
205    AOT_assume φ  φ
206    AOT_hence ¬φ  φ
207      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
208    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
209  }
210  moreover {
211    AOT_assume φ
212    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
213  }
214  ultimately AOT_show (φ  φ)  φ
215    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
216    by (metis Adjunction "→I")
217qed
218lemmas "Idempotence of ∨" = "con-dis-taut:7"
219
220
221AOT_theorem "con-dis-i-e:1": assumes φ and ψ shows φ & ψ
222  using Adjunction MP assms by blast
223lemmas "&I" = "con-dis-i-e:1"
224
225AOT_theorem "con-dis-i-e:2:a": assumes φ & ψ shows φ
226  using "Conjunction Simplification"(1) MP assms by blast
227AOT_theorem "con-dis-i-e:2:b": assumes φ & ψ shows ψ
228  using "Conjunction Simplification"(2) MP assms by blast
229lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
230
231AOT_theorem "con-dis-i-e:3:a": assumes φ shows φ  ψ
232  using "Disjunction Addition"(1) MP assms by blast
233AOT_theorem "con-dis-i-e:3:b": assumes ψ shows φ  ψ
234  using "Disjunction Addition"(2) MP assms by blast
235AOT_theorem "con-dis-i-e:3:c": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
236  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2) "df-rules-formulas[3]" MT(1) RAA(1) "conventions:2" assms)
237lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
238
239AOT_theorem "con-dis-i-e:4:a": assumes φ  ψ and φ  χ and ψ  χ shows χ
240  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
241AOT_theorem "con-dis-i-e:4:b": assumes φ  ψ and ¬φ shows ψ
242  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
243AOT_theorem "con-dis-i-e:4:c": assumes φ  ψ and ¬ψ shows φ
244  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
245lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
246
247AOT_theorem "raa-cor:1": assumes ¬φ  ψ & ¬ψ shows φ
248  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
249AOT_theorem "raa-cor:2": assumes φ  ψ & ¬ψ shows ¬φ
250  using "raa-cor:1" assms by blast
251AOT_theorem "raa-cor:3": assumes φ and ¬ψ  ¬φ shows ψ
252  using RAA assms by blast
253AOT_theorem "raa-cor:4": assumes ¬φ and ¬ψ  φ shows ψ
254  using RAA assms by blast
255AOT_theorem "raa-cor:5": assumes φ and ψ  ¬φ shows ¬ψ
256  using RAA assms by blast
257AOT_theorem "raa-cor:6": assumes ¬φ and ψ  φ shows ¬ψ
258  using RAA assms by blast
259
260(* TODO: note these need manual introduction rules *)
261AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
262  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
263     (metis "&E" "&I" "raa-cor:3" "→I" MP)
264AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
265  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
266     (metis "&E" "&I" "raa-cor:3" "→I" MP)
267AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
268  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
269     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
270
271AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
272  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
273     (meson "&I" "&E" "→I")
274lemmas "Commutativity of &" = "oth-class-taut:2:a"
275AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
276  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
277     (metis "&I" "&E" "→I")
278lemmas "Associativity of &" = "oth-class-taut:2:b"
279AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
280  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
281     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
282lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
283AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
284  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
285     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
286lemmas "Associativity of ∨" = "oth-class-taut:2:d"
287AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
288  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
289      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E" "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
290lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
291AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
292  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
293        "→I" "→E" "&E" "&I"
294  by metis
295lemmas "Associativity of ≡" = "oth-class-taut:2:f"
296
297AOT_theorem "oth-class-taut:3:a": φ  φ
298  using "&I" "vdash-properties:6" "if-p-then-p" "df-rules-formulas[4]" "conventions:3" by blast
299AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
300  using "&I" "useful-tautologies:1" "useful-tautologies:2" "vdash-properties:6" "df-rules-formulas[4]" "conventions:3" by blast
301AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
302  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
303
304AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
305  by (metis "→E" "→I")
306AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
307  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
308        "→I" "→E" "&E" "&I" RAA by metis
309AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
310  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
311        "→I" "→E" "&E" "&I" by metis
312AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
313  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
314        "→I" "→E" "&E" "&I" by metis
315AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
316  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
317        "→I" "→E" "&E" "&I" by metis
318AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
319  using "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
320        "→I" "→E" "&E" "&I" by metis
321AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
322proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I"
323           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
324  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
325    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
326next
327  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
328    using that "∨E" "&E" "raa-cor:3" by blast
329next
330  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
331    using that "∨E" "&E" "raa-cor:3" by blast
332qed
333AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
334proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"] "&I" "→I")
335  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
336    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]" "raa-cor:3" "conventions:3")
337next
338  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
339    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]" "raa-cor:3" "conventions:3")
340qed
341AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
342  using "conventions:3"[THEN "df-rules-formulas[4]"]
343        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
344AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
345  using "conventions:3"[THEN "df-rules-formulas[4]"]
346        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
347AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
348  using "conventions:3"[THEN "df-rules-formulas[4]"]
349        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
350AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
351  using "conventions:3"[THEN "df-rules-formulas[4]"]
352        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
353
354lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
355
356AOT_theorem "oth-class-taut:6:a": (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
357  using "conventions:3"[THEN "df-rules-formulas[4]"]
358        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
359AOT_theorem "oth-class-taut:6:b": (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
360  using "conventions:3"[THEN "df-rules-formulas[4]"]
361        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
362
363AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
364  by (metis "&I" "→E" "→I")
365lemmas Exportation = "oth-class-taut:7:a"
366AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
367  by (metis "&E" "→E" "→I")
368lemmas Importation = "oth-class-taut:7:b"
369
370AOT_theorem "oth-class-taut:8:a": (φ  (ψ  χ))  (ψ  (φ  χ))
371  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I" by metis
372lemmas Permutation = "oth-class-taut:8:a"
373AOT_theorem "oth-class-taut:8:b": (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
374  by (metis "&I" "→E" "→I")
375lemmas Composition = "oth-class-taut:8:b"
376AOT_theorem "oth-class-taut:8:c": (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
377  by (metis "∨E"(2) "→E" "→I" RAA(1))
378AOT_theorem "oth-class-taut:8:d": ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
379  by (metis "&E" "&I" "→E" "→I")
380lemmas "Double Composition" = "oth-class-taut:8:d"
381AOT_theorem "oth-class-taut:8:e": ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
382  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
383            "→I" "→E" "&E" "&I")
384AOT_theorem "oth-class-taut:8:f": ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
385  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
386            "→I" "→E" "&E" "&I")
387AOT_theorem "oth-class-taut:8:g": (ψ  χ)  ((φ  ψ)  (φ  χ))
388  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
389            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
390AOT_theorem "oth-class-taut:8:h": (ψ  χ)  ((ψ  φ)  (χ  φ))
391  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
392            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
393AOT_theorem "oth-class-taut:8:i": (φ  (ψ & χ))  (ψ  (φ  χ))
394  by (metis "conventions:3"[THEN "df-rules-formulas[4]"] "conventions:3"[THEN "df-rules-formulas[3]"]
395            "→I" "→E" "&E" "&I")
396
397AOT_theorem "intro-elim:1": assumes φ  ψ and φ  χ and ψ  Θ shows χ  Θ
398  by (metis assms "∨I"(1, 2) "∨E"(1) "conventions:3"[THEN "df-rules-formulas[3]"] "→I" "→E" "&E"(1))
399
400AOT_theorem "intro-elim:2": assumes φ  ψ and ψ  φ shows φ  ψ
401  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
402lemmas "≡I" = "intro-elim:2"
403
404AOT_theorem "intro-elim:3:a": assumes φ  ψ and φ shows ψ
405  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
406AOT_theorem "intro-elim:3:b": assumes φ  ψ and ψ shows φ
407  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
408AOT_theorem "intro-elim:3:c": assumes φ  ψ and ¬φ shows ¬ψ
409  using "intro-elim:3:b" "raa-cor:3" assms by blast
410AOT_theorem "intro-elim:3:d": assumes φ  ψ and ¬ψ shows ¬φ
411  using "intro-elim:3:a" "raa-cor:3" assms by blast
412AOT_theorem "intro-elim:3:e": assumes φ  ψ and ψ  χ shows φ  χ
413  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
414declare "intro-elim:3:e"[trans]
415AOT_theorem "intro-elim:3:f": assumes φ  ψ and φ  χ shows χ  ψ
416  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
417lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c" "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
418
419declare "Commutativity of ≡"[THEN "≡E"(1), sym]
420
421AOT_theorem "rule-eq-df:1": assumes φ df ψ shows φ  ψ
422  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
423lemmas "≡Df" = "rule-eq-df:1"
424AOT_theorem "rule-eq-df:2": assumes φ df ψ and φ shows ψ
425  using "≡Df" "≡E"(1) assms by blast
426lemmas "≡dfE" = "rule-eq-df:2"
427AOT_theorem "rule-eq-df:3": assumes φ df ψ and ψ shows φ
428  using "≡Df" "≡E"(2) assms by blast
429lemmas "≡dfI" = "rule-eq-df:3"
430
431AOT_theorem  "df-simplify:1": assumes φ  (ψ & χ) and ψ shows φ  χ
432  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
433(* TODO: this is a slight variation from PLM *)
434AOT_theorem  "df-simplify:2": assumes φ  (ψ & χ) and χ shows φ  ψ
435  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
436lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
437
438AOT_theorem "rule-ui:1": assumes α φ{α} and τ shows φ{τ}
439  using "→E" "cqt:1"[axiom_inst] assms by blast
440AOT_theorem "rule-ui:2[const_var]": assumes α φ{α} shows φ{β}
441  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
442(* TODO: precise proviso in PLM *)
443AOT_theorem "rule-ui:2[lambda]":
444  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
445  shows φ{ν1...νn ψ{ν1...νn}]}
446  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
447AOT_theorem "rule-ui:3": assumes α φ{α} shows φ{α}
448  by (simp add: "rule-ui:2[const_var]" assms)
449lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]" "rule-ui:2[lambda]" "rule-ui:3"
450
451AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β} by (simp add: "∀E"(2) "→I")
452AOT_theorem "cqt-orig:1[lambda]":
453  assumes INSTANCE_OF_CQT_2(ψ)
454  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
455  by (simp add: "∀E"(3) "→I" assms)
456AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
457  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
458AOT_theorem "cqt-orig:3": α φ{α}  φ{α} using "cqt-orig:1[const_var]" .
459
460(* TODO: work out difference to GEN *)
461AOT_theorem universal: assumes for arbitrary β: φ{β} shows α φ{α}
462  using GEN assms .
463lemmas "∀I" = universal
464
465(* Generalized mechanism for "∀I" followed by ∀E *)
466ML467fun get_instantiated_allI ctxt varname thm = let
468val trm = Thm.concl_of thm
469val trm = case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
470                      | _ => raise Term.TERM ("Expected simple theorem.", [trm])
471fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
472    (if fst (fst v) = fst varname then [Var v] else []) (* TODO: care about the index? *)
473  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
474  | extractVars (Abs (_, _, t)) = extractVars t
475  | extractVars _ = []
476val vars = extractVars trm
477val vars = fold Term.add_vars vars []
478val var = hd vars
479val trmty = case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
480              | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
481val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
482      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
483       $ Var var, trm))
484val trm = Thm.cterm_of (Context.proof_of ctxt) trm
485val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
486val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
487val allthm = Drule.instantiate_normalize ([(ty, typ)],[]) @{thm "∀I"}
488val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
489val allthm = Drule.instantiate_normalize ([],[(phi,trm)]) allthm
490in
491allthm
492end
493
494
495attribute_setup "∀I" =
496  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
497  (fn ctxt => fn thm => fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm))
498  "Quantify over a variable in a theorem using GEN."
499
500attribute_setup "unvarify" =
501  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
502  (fn ctxt => fn thm =>
503    let
504    val thm = fold (fn arg => fn thm => thm RS get_instantiated_allI ctxt arg thm) args thm
505    val thm = fold (fn _ => fn thm => thm RS @{thm "∀E"(1)}) args thm
506    in
507     thm
508    end))
509  "Generalize a statement about variables to a statement about denoting terms."
510
511(* TODO: rereplace-lem does not apply to the embedding *)
512
513AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
514  by (metis "≡I" "∀E"(2) "∀I" "→I")
515
516AOT_theorem "cqt-basic:2": α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
517proof (rule "≡I"; rule "→I")
518  AOT_assume α(φ{α}  ψ{α})
519  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
520  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
521    using "≡E"(1,2) "→I" by blast+
522  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
523    by (auto intro: "&I" "∀I")
524next
525  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
526  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
527    using "∀E"(2) "&E" by blast+
528  AOT_hence φ{α}  ψ{α} for α
529    using "≡I" by blast
530  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
531qed
532
533AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
534proof(rule "→I")
535  AOT_assume α(φ{α}  ψ{α})
536  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
537  {
538    AOT_assume α φ{α}
539    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
540  }
541  moreover {
542    AOT_assume α ψ{α}
543    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
544  }
545  ultimately AOT_show α φ{α}  α ψ{α}
546    using "≡I" "→I" by auto
547qed
548
549AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
550proof(rule "→I")
551  AOT_assume 0: α(φ{α} & ψ{α})
552  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
553  AOT_thus α φ{α} & α ψ{α}
554    by (auto intro: "∀I" "&I")
555qed
556
557AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
558  using "cqt-orig:3" by blast
559
560AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
561  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
562
563AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
564  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
565
566AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
567  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
568
569AOT_theorem "cqt-basic:9": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
570proof -
571  {
572    AOT_assume α (φ{α}  ψ{α})
573    moreover AOT_assume α (ψ{α}  χ{α})
574    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α using "∀E" by blast+
575    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
576    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
577  }
578  thus ?thesis using "&I" "→I" "&E" by meson
579qed
580
581AOT_theorem "cqt-basic:10": (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
582proof(rule "→I"; rule "∀I")
583  fix β
584  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
585  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
586  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
587qed
588
589AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
590proof (rule "≡I"; rule "→I")
591  AOT_assume 0: α(φ{α}  ψ{α})
592  {
593    fix α
594    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
595    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
596  }
597  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
598next
599  AOT_assume 0: α(ψ{α}  φ{α})
600  {
601    fix α
602    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
603    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
604  }
605  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
606qed
607
608AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
609  by (simp add: "∀E"(2) "→I" GEN)
610
611AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
612  using "≡I" "→I" by blast
613
614AOT_theorem "cqt-basic:14": (α1...∀αn (φ{α1...αn}  ψ{α1...αn}))  ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
615  using "cqt:3"[axiom_inst] by auto
616
617AOT_theorem "cqt-basic:15": (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
618  using "cqt-orig:2" by auto
619
620(* TODO: once more the same in the embedding... need to distinguish these better *)
621AOT_theorem "universal-cor": assumes for arbitrary β: φ{β}  shows α φ{α}
622  using GEN assms .
623
624AOT_theorem "existential:1": assumes φ{τ} and τ shows α φ{α}
625proof(rule "raa-cor:1")
626  AOT_assume ¬α φ{α}
627  AOT_hence α ¬φ{α}
628    using "≡dfI" "conventions:4" RAA "&I" by blast
629  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
630  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
631qed
632
633AOT_theorem "existential:2[const_var]": assumes φ{β} shows α φ{α}
634  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
635
636AOT_theorem "existential:2[lambda]":
637  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
638  shows α φ{α}
639  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
640lemmas "∃I" = "existential:1" "existential:2[const_var]" "existential:2[lambda]" 
641
642AOT_theorem "instantiation":
643  assumes for arbitrary β: φ{β}  ψ and α φ{α}
644  shows ψ
645  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
646lemmas "∃E" = "instantiation"
647
648AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
649  using "∀E"(4) "∃I"(2) "→I" by metis
650
651AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
652  using "∀I" "∃I"(2) "→I" RAA by metis
653
654AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
655  using "∀E"(4) "∃E" "→I" RAA
656  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
657
658AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
659  using "∀I" "∃I"(2)"→I" RAA by metis
660
661AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
662  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
663
664AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
665  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
666
667AOT_theorem "cqt-further:7": α φ{α}  β φ{β} (* TODO: vacuous in the embedding *)
668  by (simp add: "oth-class-taut:3:a")
669
670AOT_theorem "cqt-further:8": (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
671  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
672
673AOT_theorem "cqt-further:9": (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
674  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
675
676AOT_theorem "cqt-further:10": (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
677proof(rule "→I"; rule "raa-cor:2")
678  AOT_assume 0: α φ{α} & ¬α ψ{α}
679  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
680  moreover AOT_assume α (φ{α}  ψ{α})
681  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
682  AOT_hence α ψ{α} using "∃I" by blast
683  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
684qed
685
686AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
687  using "≡I" "→I" "∃I"(2) "∃E" by metis
688
689AOT_theorem "log-prop-prop:1":  φ]
690  using "cqt:2[lambda0]"[axiom_inst] by auto
691
692AOT_theorem "log-prop-prop:2": φ
693  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
694
695AOT_theorem "exist-nec": τ  τ
696proof -
697  AOT_have β β
698    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
699  AOT_thus τ  τ
700    using "cqt:1"[axiom_inst] "→E" by blast
701qed
702
703(* TODO: replace this mechanism by a "proof by types" command *)
704class AOT_Term_id = AOT_Term +
705  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
706      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
707
708instance κ :: AOT_Term_id
709proof
710  AOT_modally_strict {
711    AOT_show κ = κ'  κ for κ κ'
712    proof(rule "→I")
713      AOT_assume κ = κ'
714      AOT_hence O!κ  A!κ
715        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
716           (meson "→I" "∨I"(1) "&E"(1))+
717      AOT_thus κ
718        by (rule "∨E"(1))
719           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
720    qed
721  }
722next
723  AOT_modally_strict {
724    AOT_show κ = κ'  κ' for κ κ'
725    proof(rule "→I")
726      AOT_assume κ = κ'
727      AOT_hence O!κ'  A!κ'
728        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
729           (meson "→I" "∨I" "&E")+
730      AOT_thus κ'
731        by (rule "∨E"(1))
732           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
733    qed
734  }
735qed
736
737instance rel :: (AOT_κs) AOT_Term_id
738proof
739  AOT_modally_strict {
740    AOT_show Π = Π'  Π for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
741    proof(rule "→I")
742      AOT_assume Π = Π'
743      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
744    qed
745  }
746next
747  AOT_modally_strict {
748    AOT_show Π = Π'  Π' for Π Π' :: <'a> (* TODO: how to get rid of the fixes? *)
749    proof(rule "→I")
750      AOT_assume Π = Π'
751      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
752    qed
753  }
754qed
755
756instance 𝗈 :: AOT_Term_id
757proof
758  AOT_modally_strict {
759    fix φ ψ
760    AOT_show φ = ψ  φ
761    proof(rule "→I")
762      AOT_assume φ = ψ
763      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
764    qed
765  }
766next
767  AOT_modally_strict {
768    fix φ ψ
769    AOT_show φ = ψ  ψ
770    proof(rule "→I")
771      AOT_assume φ = ψ
772      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
773    qed
774  }
775qed
776
777instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
778proof
779  AOT_modally_strict {
780    fix τ τ' :: 'a×'b
781    AOT_show τ = τ'  τ
782    proof (induct τ; induct τ'; rule "→I")
783      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
784      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
785      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
786      AOT_hence τ1 and τ2 using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
787      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
788    qed
789  }
790next
791  AOT_modally_strict {
792    fix τ τ' :: 'a×'b
793    AOT_show τ = τ'  τ'
794    proof (induct τ; induct τ'; rule "→I")
795      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
796      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
797      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
798      AOT_hence τ1' and τ2' using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
799      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
800    qed
801  }
802qed
803
804(* TODO: this is the end of the "proof by types" and makes the results available on new theorems *)
805AOT_register_type_constraints
806  Term: _::AOT_Term_id› _::AOT_Term_id›
807AOT_register_type_constraints
808  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
809AOT_register_type_constraints
810  Relation: <_::{AOT_κs, AOT_Term_id}>
811
812AOT_theorem "id-rel-nec-equiv:1": Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
813proof(rule "→I")
814  AOT_assume assumption: Π = Π'
815  AOT_hence Π and Π'
816    using "t=t-proper:1" "t=t-proper:2" MP by blast+
817  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn))  x1...∀xn ([F]x1...xn  [G]x1...xn)))
818    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
819  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn))
820    using "∀E"(1) by blast
821  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn))  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
822    using assumption "→E" by blast
823  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
824    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
825  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
826    using "→E" by blast
827qed
828
829AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
830proof(rule "→I")
831  AOT_assume assumption: φ = ψ
832  AOT_hence φ and ψ
833    using "t=t-proper:1" "t=t-proper:2" MP by blast+
834  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
835    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
836  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
837    using "∀E"(1) by blast
838  AOT_hence (φ  φ)  (φ  ψ)
839    using assumption "→E" by blast
840  moreover AOT_have (φ  φ)
841    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
842  ultimately AOT_show (φ  ψ)
843    using "→E" by blast
844qed
845
846AOT_theorem "rule=E": assumes φ{τ} and τ = σ shows φ{σ}
847proof -
848  AOT_have τ and σ using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
849  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
850    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
851  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
852    using "∀E"(1) by blast
853  AOT_thus φ{σ} using assms "→E" by blast
854qed
855
856AOT_theorem "propositions-lemma:1":  φ] = φ
857proof -
858  AOT_have φ by (simp add: "log-prop-prop:2")
859  moreover AOT_have p  p] = p using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
860  ultimately AOT_show  φ] = φ
861    using "∀E" by blast
862qed
863
864AOT_theorem "propositions-lemma:2":  φ]  φ
865proof -
866  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
867  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
868qed
869
870(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
871
872AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
873  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
874
875(* dr-alphabetic-rules does not apply *)
876
877AOT_theorem "oa-exist:1": O!
878proof -
879  AOT_have x [E!]x] by "cqt:2[lambda]"
880  AOT_hence 1: O! = x [E!]x] using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
881  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
882qed
883
884AOT_theorem "oa-exist:2": A!
885proof -
886  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
887  AOT_hence 1: A! = x ¬[E!]x] using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
888  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
889qed
890
891AOT_theorem "oa-exist:3": O!x  A!x
892proof(rule "raa-cor:1")
893  AOT_assume ¬(O!x  A!x)
894  AOT_hence A: ¬O!x and B: ¬A!x
895    using "Disjunction Addition"(1) "modus-tollens:1" "∨I"(2) "raa-cor:5" by blast+
896  AOT_have C: O! = x [E!]x]
897    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
898  AOT_have D: A! = x ¬[E!]x]
899    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2[lambda]"
900  AOT_have E: ¬x [E!]x]x
901    using A C "rule=E" by fast
902  AOT_have F: ¬x ¬[E!]x]x
903    using B D "rule=E" by fast
904  AOT_have G: x [E!]x]x  [E!]x
905    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
906  AOT_have H: x ¬[E!]x]x  ¬[E!]x
907    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
908  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
909qed
910
911AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
912proof -
913  AOT_have F = G  F & G & x(x[F]  x[G])
914    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
915  moreover AOT_have F and G
916    by (auto simp: "cqt:2[const_var]"[axiom_inst])
917  ultimately AOT_show F = G  x(x[F]  x[G])
918    using "≡S"(1) "&I" by blast
919qed
920
921AOT_theorem "p-identity-thm2:2[2]": F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
922proof -
923  AOT_have F = G  F & G & y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
924    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
925  moreover AOT_have F and G
926    by (auto simp: "cqt:2[const_var]"[axiom_inst])
927  ultimately show ?thesis
928    using "≡S"(1) "&I" by blast
929qed
930    
931AOT_theorem "p-identity-thm2:2[3]": F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
932proof -
933  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] & x [F]y1xy2] = x [G]y1xy2] & x [F]y1y2x] = x [G]y1y2x])
934    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
935  moreover AOT_have F and G
936    by (auto simp: "cqt:2[const_var]"[axiom_inst])
937  ultimately show ?thesis
938    using "≡S"(1) "&I" by blast
939qed
940
941AOT_theorem "p-identity-thm2:2[4]": F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
942proof -
943  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] & x [F]y1xy2y3] = x [G]y1xy2y3] & x [F]y1y2xy3] = x [G]y1y2xy3] & x [F]y1y2y3x] = x [G]y1y2y3x])
944    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
945  moreover AOT_have F and G
946    by (auto simp: "cqt:2[const_var]"[axiom_inst])
947  ultimately show ?thesis
948    using "≡S"(1) "&I" by blast
949qed
950
951AOT_theorem "p-identity-thm2:2":
952  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
953proof -
954  AOT_have F = G  F & G & x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
955    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
956  moreover AOT_have F and G
957    by (auto simp: "cqt:2[const_var]"[axiom_inst])
958  ultimately show ?thesis
959    using "≡S"(1) "&I" by blast
960qed
961
962AOT_theorem "p-identity-thm2:3":
963  p = q  x p] = x q]
964proof -
965  AOT_have p = q  p & q & x p] = x q]
966    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]" "→E" "&E" "≡I" "→I" by blast
967  moreover AOT_have p and q
968    by (auto simp: "cqt:2[const_var]"[axiom_inst])
969  ultimately show ?thesis
970    using "≡S"(1) "&I" by blast
971qed
972
973class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
974
975instance κ :: AOT_Term_id_2
976proof
977  AOT_modally_strict {
978    fix x
979    {
980      AOT_assume O!x
981      moreover AOT_have F([F]x  [F]x)
982        using RN GEN "oth-class-taut:3:a" by fast
983      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
984    }
985    moreover {
986      AOT_assume A!x
987      moreover AOT_have F(x[F]  x[F])
988        using RN GEN "oth-class-taut:3:a" by fast
989      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
990    }
991    ultimately AOT_have (O!x & O!x & F([F]x  [F]x))  (A!x & A!x & F(x[F]  x[F]))
992      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
993    AOT_thus x = x
994      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
995  }
996qed
997
998instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
999proof
1000  AOT_modally_strict {
1001    fix F :: "<'a> AOT_var"
1002    AOT_have 0: x1...xn [F]x1...xn] = F
1003      by (simp add: "lambda-predicates:3"[axiom_inst])
1004    AOT_have x1...xn [F]x1...xn]
1005      by "cqt:2[lambda]"
1006    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1007      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1008    AOT_show F = F using "rule=E" 0 by force 
1009  }
1010qed
1011
1012instance 𝗈 :: AOT_Term_id_2
1013proof
1014  AOT_modally_strict {
1015    fix p
1016    AOT_have 0:  p] = p
1017      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1018    AOT_have  p]
1019      by (rule "cqt:2[lambda0]"[axiom_inst])
1020    AOT_hence  p] =  p]
1021      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1022    AOT_show p = p using "rule=E" 0 by force
1023  }
1024qed
1025
1026instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1027proof
1028  AOT_modally_strict {
1029    fix α :: ('a×'b) AOT_var›
1030    AOT_show α = α
1031    proof (induct)
1032      AOT_show τ = τ if τ for τ :: 'a×'b
1033        using that
1034      proof (induct τ)
1035        fix τ1 :: 'a and τ2 :: 'b
1036        AOT_assume «(τ1,τ2)»
1037        AOT_hence τ1 and τ2 using "≡dfE" "&E" tuple_denotes by blast+
1038        AOT_hence τ1 = τ1 and τ2 = τ2 using "id-eq:1"[unvarify α] by blast+
1039        AOT_thus «(τ1, τ2)» = «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_identity_1)
1040      qed
1041    qed
1042  }
1043qed
1044
1045AOT_register_type_constraints
1046  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1047AOT_register_type_constraints
1048  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1049AOT_register_type_constraints
1050  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1051
1052(* TODO: Interestingly, this doesn't depend on "id-eq:1" at all! *)
1053AOT_theorem "id-eq:2": α = β  β = α
1054(*
1055  TODO: look at this proof generated using:
1056        including AOT_no_atp sledgehammer[isar_proofs = true]
1057proof -
1058  have "(∃φ. [v ⊨ ~β = α → ~φ] ∧ [v ⊨ α = β → φ]) ∨ (∃φ. ¬ [v ⊨ φ{α} → φ{β}])"
1059    by meson
1060  then show ?thesis
1061    by (meson "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" l_"identity:1" "useful-tautologies:1")
1062qed
1063*)
1064(*  by (meson "rule=E" "deduction-theorem") *)
1065proof (rule "→I")
1066  AOT_assume α = β
1067  moreover AOT_have β = β using calculation "rule=E"[of _ "λ τ . «τ = β»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1068  moreover AOT_have α = α  α = α using "if-p-then-p" by blast
1069  ultimately AOT_show β = α
1070    using "→E" "→I" "rule=E"[of _ "λ τ . «(τ = τ)  (τ = α)»" "AOT_term_of_var α" "AOT_term_of_var β"] by blast
1071qed
1072
1073AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1074  using "rule=E" "→I" "&E" by blast
1075
1076AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1077proof (rule "≡I"; rule "→I")
1078  AOT_assume 0: α = β
1079  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1080  AOT_show γ (α = γ  β = γ)
1081    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1082next
1083  AOT_assume γ (α = γ  β = γ)
1084  AOT_hence α = α  β = α using "∀E"(2) by blast
1085  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1086  AOT_hence β = α using "id-eq:1" "→E" by blast
1087  AOT_thus α = β using "id-eq:2" "→E" by blast
1088qed
1089
1090AOT_theorem "rule=I:1": assumes τ shows τ = τ
1091proof -
1092  AOT_have α (α = α)
1093    by (rule GEN) (metis "id-eq:1")
1094  AOT_thus τ = τ using assms "∀E" by blast
1095qed
1096
1097AOT_theorem "rule=I:2[const_var]": "α = α"
1098  using "id-eq:1".
1099
1100AOT_theorem "rule=I:2[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1101proof -
1102  AOT_have α (α = α)
1103    by (rule GEN) (metis "id-eq:1")
1104  moreover AOT_have ν1...νn φ{ν1...νn}] using assms by (rule "cqt:2[lambda]"[axiom_inst])
1105  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}] using assms "∀E" by blast
1106qed
1107
1108lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1109
1110AOT_theorem "rule-id-df:1":
1111  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1112  shows τ{τ1...τn} = σ{τ1...τn}
1113proof -
1114  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1115    using "df-rules-terms[3]" assms(1) "&E" by blast
1116  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1117    using assms(2) "→E" by blast
1118qed
1119
1120AOT_theorem "rule-id-df:1[zero]":
1121  assumes τ =df σ and σ
1122  shows τ = σ
1123proof -
1124  AOT_have σ  τ = σ
1125    using "df-rules-terms[4]" assms(1) "&E" by blast
1126  AOT_thus τ = σ
1127    using assms(2) "→E" by blast
1128qed
1129
1130AOT_theorem "rule-id-df:2:a":
1131  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1132  shows φ{σ{τ1...τn}}
1133proof -
1134  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1135  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1136qed
1137
1138(* TODO: get rid of this, ideally *)
1139AOT_theorem "rule-id-df:2:a[2]":
1140  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{τ{«(τ1,τ2)»}}
1141  shows φ{σ{«(τ1,τ2)»}}
1142proof -
1143  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1144  proof -
1145    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1146      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1147    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1148      using assms(2) "→E" by blast
1149  qed
1150  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1151qed
1152
1153AOT_theorem "rule-id-df:2:a[zero]":
1154  assumes τ =df σ and σ and φ{τ}
1155  shows φ{σ}
1156proof -
1157  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1158  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1159qed
1160
1161lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1162
1163AOT_theorem "rule-id-df:2:b":
1164  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1165  shows φ{τ{τ1...τn}}
1166proof -
1167  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1168  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1169    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1170  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1171qed
1172
1173(* TODO: get rid of this, ideally *)
1174AOT_theorem "rule-id-df:2:b[2]":
1175  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»} and σ{«(τ1,τ2)»} and φ{σ{«(τ1,τ2)»}}
1176  shows φ{τ{«(τ1,τ2)»}}
1177proof -
1178  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1179  proof -
1180    AOT_have σ{«(τ1,τ2)»}  τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1181      using assms by (simp add: AOT_sem_conj AOT_sem_imp AOT_sem_eq AOT_sem_not AOT_sem_denotes AOT_model_id_def) (* NOTE: semantics needed *)
1182    AOT_thus τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1183      using assms(2) "→E" by blast
1184  qed
1185  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1186    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1187  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1188qed
1189
1190AOT_theorem "rule-id-df:2:b[zero]":
1191  assumes τ =df σ and σ and φ{σ}
1192  shows φ{τ}
1193proof -
1194  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1195  AOT_hence σ = τ
1196    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1197  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1198qed
1199
1200lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1201
1202AOT_theorem "free-thms:1": τ  β (β = τ)
1203  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1204
1205AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1206  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1207
1208AOT_theorem "free-thms:3[const_var]": β (β = α)
1209  by (meson "∃I"(2) "id-eq:1")
1210
1211AOT_theorem "free-thms:3[lambda]": assumes INSTANCE_OF_CQT_2(φ) shows β (β = ν1...νn φ{ν1...νn}])
1212  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1213
1214AOT_theorem "free-thms:4[rel]": ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1215  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1216
1217(* TODO: this is a rather weird way to formulate this and we don't have tuple-existential-elimination
1218         or tuple-equality-elimination in the theory... Splitting them is also a bit unfortunate, though.*)
1219AOT_theorem "free-thms:4[vars]": ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1220  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1221
1222AOT_theorem "free-thms:4[1,rel]": ([Π]κ  κ[Π])  β (β = Π)
1223  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1224AOT_theorem "free-thms:4[1,1]": ([Π]κ  κ[Π])  β (β = κ)
1225  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst] "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1226
1227AOT_theorem "free-thms:4[2,rel]": ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1228  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1229AOT_theorem "free-thms:4[2,1]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1230  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1231AOT_theorem "free-thms:4[2,2]": ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1232  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst] "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1233AOT_theorem "free-thms:4[3,rel]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1234  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1235AOT_theorem "free-thms:4[3,1]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1236  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1237AOT_theorem "free-thms:4[3,2]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1238  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1239AOT_theorem "free-thms:4[3,3]": ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1240  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst] "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1241AOT_theorem "free-thms:4[4,rel]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1242  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1243AOT_theorem "free-thms:4[4,1]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1244  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1245AOT_theorem "free-thms:4[4,2]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1246  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1247AOT_theorem "free-thms:4[4,3]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1248  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1249AOT_theorem "free-thms:4[4,4]": ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1250  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst] "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1251
1252AOT_theorem "ex:1:a": α α
1253  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1254AOT_theorem "ex:1:b": αβ(β = α)
1255  by (rule GEN) (fact "free-thms:3[const_var]")
1256
1257AOT_theorem "ex:2:a": α
1258  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1259AOT_theorem "ex:2:b": β(β = α)
1260  by (rule RN) (fact "free-thms:3[const_var]")
1261
1262AOT_theorem "ex:3:a": α α
1263  by (rule RN) (fact "ex:1:a")
1264AOT_theorem "ex:3:b": αβ(β = α)
1265  by (rule RN) (fact "ex:1:b")
1266
1267AOT_theorem "ex:4:a": α α
1268  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1269AOT_theorem "ex:4:b": αβ(β = α)
1270  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1271
1272AOT_theorem "ex:5:a": α α
1273  by (rule RN) (simp add: "ex:4:a")
1274AOT_theorem "ex:5:b": αβ(β = α)
1275  by (rule RN) (simp add: "ex:4:b")
1276
1277AOT_theorem "all-self=:1": α(α = α)
1278  by (rule RN; rule GEN) (fact "id-eq:1")
1279AOT_theorem "all-self=:2": α(α = α)
1280  by (rule GEN; rule RN) (fact "id-eq:1")
1281
1282AOT_theorem "id-nec:1": α = β  (α = β)
1283proof(rule "→I")
1284  AOT_assume α = β
1285  moreover AOT_have (α = α)
1286    by (rule RN) (fact "id-eq:1")
1287  ultimately AOT_show (α = β) using "rule=E" by fast
1288qed
1289
1290AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1291proof(rule "→I")
1292  AOT_assume asm: τ = σ
1293  moreover AOT_have τ
1294    using calculation "t=t-proper:1" "→E" by blast
1295  moreover AOT_have (τ = τ)
1296    using calculation "all-self=:2" "∀E"(1) by blast
1297  ultimately AOT_show (τ = σ) using "rule=E" by fast
1298qed
1299
1300AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1301proof (rule "≡I"; rule "→I")
1302  AOT_assume asm: φ{α}
1303  AOT_show β (β = α & φ{β})
1304    by (rule "∃I"(2)[where β=α]; rule "&I")
1305       (auto simp: "id-eq:1" asm)
1306next
1307  AOT_assume 0: β (β = α & φ{β})
1308  (* TODO: have another look at this instantiation. Ideally AOT_obtain would resolve directly to the existential
1309           statement as proof obligation *)
1310  AOT_obtain β where β = α & φ{β} using "instantiation"[rotated, OF 0] by blast
1311  AOT_thus φ{α} using "&E" "rule=E" by blast
1312qed
1313
1314AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1315proof(rule "→I")
1316  AOT_assume τ
1317  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1318    by (rule GEN) (fact "term-out:1")
1319  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1320    using "∀E" by blast
1321qed
1322
1323(* TODO: example of an apply-style proof. Keep or reformulate? *)
1324AOT_theorem "term-out:3": (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1325  apply (rule "≡I"; rule "→I")
1326   apply (frule "&E"(1)) apply (drule "&E"(2))
1327   apply (rule GEN; rule "≡I"; rule "→I")
1328  using "rule-ui:2[const_var]" "vdash-properties:5" apply blast
1329  apply (meson "rule=E" "id-eq:1")
1330  apply (rule "&I")
1331  using "id-eq:1" "≡E"(2) "rule-ui:3" apply blast
1332  apply (rule GEN; rule "→I")
1333  using "≡E"(1) "rule-ui:2[const_var]" by blast
1334
1335AOT_theorem "term-out:4": (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1336  using "term-out:3" . (* TODO: same as above - another instance of the generalized alphabetic variant rule... *)
1337
1338(* TODO: would of course be nice to define it without the syntax magic *)
1339AOT_define AOT_exists_unique :: ‹α  φ  φ›
1340  "uniqueness:1": «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1341syntax "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1342AOT_syntax_print_translations
1343  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1344syntax
1345   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ› (∃!_...∃!_ _› [1,40])
1346parse_ast_translation[(syntax_const‹_AOT_exists_unique_ellipse›, fn ctx => fn [a,b,c] =>
1347  Ast.mk_appl (Ast.Constant "AOT_exists_unique") [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1348(syntax_const‹_AOT_exists_unique›,AOT_restricted_binder const_name‹AOT_exists_unique› const_syntax‹AOT_conj›)]
1349print_translationAOT_syntax_print_translations
1350  [AOT_preserve_binder_abs_tr' const_syntax‹AOT_exists_unique› syntax_const‹_AOT_exists_unique› (syntax_const‹_AOT_exists_unique_ellipse›, true) const_name‹AOT_conj›,
1351  AOT_binder_trans @{theory} @{binding "AOT_exists_unique_binder"} syntax_const‹_AOT_exists_unique›]
1352
1353
1354
1355context AOT_meta_syntax
1356begin
1357notation AOT_exists_unique (binder "!" 20)
1358end
1359context AOT_no_meta_syntax
1360begin
1361no_notation AOT_exists_unique (binder "!" 20)
1362end
1363
1364AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1365proof(rule "≡I"; rule "→I")
1366    AOT_assume ∃!α φ{α}
1367    AOT_hence α (φ{α} & β (φ{β}  β = α))
1368      using "uniqueness:1" "≡dfE" by blast
1369    then AOT_obtain α where φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1370    AOT_hence β(φ{β}  β = α) using "term-out:3" "≡E" by blast
1371    AOT_thus αβ(φ{β}  β = α)
1372      using "∃I" by fast
1373next
1374    AOT_assume αβ(φ{β}  β = α)
1375    then AOT_obtain α where β (φ{β}  β = α) using "instantiation"[rotated] by blast
1376    AOT_hence φ{α} & β (φ{β}  β = α) using "term-out:3" "≡E" by blast
1377    AOT_hence α (φ{α} & β (φ{β}  β = α))
1378      using "∃I" by fast
1379    AOT_thus ∃!α φ{α}
1380      using "uniqueness:1" "≡dfI" by blast
1381qed
1382
1383AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1384proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1385  fix β γ
1386  AOT_assume ∃!α φ{α}
1387  AOT_hence αβ(φ{β}  β = α)
1388    using "uniqueness:2" "≡E" by blast
1389  then AOT_obtain α where β(φ{β}  β = α)
1390    using "instantiation"[rotated] by blast
1391  moreover AOT_assume φ{β} & φ{γ}
1392  ultimately AOT_have β = α and γ = α
1393    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1394  AOT_thus β = γ
1395    by (metis "rule=E" "id-eq:2" "→E")
1396qed
1397
1398AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1399proof (rule "→I"; rule "→I")
1400  AOT_assume a: α(φ{α}  φ{α})
1401  AOT_assume ∃!α φ{α}
1402  AOT_hence α (φ{α} & β (φ{β}  β = α)) using "uniqueness:1" "≡dfE" by blast
1403  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α) using "instantiation"[rotated] by blast
1404  AOT_have φ{α}
1405    using ξ a "&E" "∀E" "→E" by fast
1406  moreover AOT_have β (φ{β}  β = α)
1407    apply (rule GEN; rule "→I")
1408    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
1409  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1410    using "&I" by blast
1411  AOT_thus ∃!α φ{α}
1412    using "uniqueness:1" "≡dfI" "∃I" by fast
1413qed
1414
1415AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1416  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1417
1418AOT_theorem "nec-imp-act": φ  𝒜φ
1419  by (metis "act-cond" "contraposition:1[2]" "≡E"(4) "qml:2"[THEN act_closure, axiom_inst] "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1420
1421AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1422  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] by blast
1423
1424AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1425  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst] "logic-actual-nec:4"[axiom_inst] RAA(1))
1426
1427AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1428proof -
1429  AOT_have (φ  (ψ  (φ & ψ)))
1430    by (rule RN) (fact Adjunction)
1431  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1432    using "nec-imp-act" "→E" by blast
1433  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1434    using "act-cond" "→E" by blast
1435  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1436    by (fact "act-cond")
1437  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1438    using "→I" "→E" by metis
1439  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1440    by (metis Importation "→E")
1441qed
1442
1443AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1444proof -
1445  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1446    by (fact "act-conj-act:3")
1447  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1448    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1449  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1450    using "→E" by blast
1451  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1452    using "conventions:3"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst] by blast
1453  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1454    using "act-cond" "→E" by blast
1455  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1456qed
1457
1458(* TODO: consider introducing AOT_inductive *)
1459inductive arbitrary_actualization for φ where
1460  arbitrary_actualization φ «𝒜φ»
1461| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1462declare arbitrary_actualization.cases[AOT] arbitrary_actualization.induct[AOT]
1463        arbitrary_actualization.simps[AOT] arbitrary_actualization.intros[AOT]
1464syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop› ("ARBITRARY'_ACTUALIZATION'(_,_')")
1465
1466notepad
1467begin
1468  AOT_modally_strict {
1469    fix φ
1470    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1471      using AOT_PLM.arbitrary_actualization.intros by metis
1472    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1473      using AOT_PLM.arbitrary_actualization.intros by metis
1474    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1475      using AOT_PLM.arbitrary_actualization.intros by metis
1476  }
1477end
1478
1479
1480AOT_theorem "closure-act:1": assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ) shows ψ
1481using assms proof(induct)
1482  case 1
1483  AOT_show 𝒜(𝒜φ  φ)
1484    by (simp add: "act-conj-act:4")
1485next
1486  case (2 ψ)
1487  AOT_thus 𝒜ψ
1488    by (metis arbitrary_actualization.simps "≡E"(1) "logic-actual-nec:4"[axiom_inst])
1489qed
1490
1491AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1492  by (simp add: "act-conj-act:4" "∀I")
1493
1494AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1495  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "logic-actual-nec:3"[axiom_inst] "logic-actual-nec:4"[axiom_inst] "∀I")
1496
1497AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1498  using "closure-act:3" .
1499
1500(* TODO: examine these proofs *)
1501AOT_theorem "RA[1]": assumes  φ shows  𝒜φ
1502  (* This proof is the one rejected in remark (136) (meta-rule) *)
1503  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst] "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1504AOT_theorem "RA[2]": assumes  φ shows 𝒜φ
1505  (* This is actually Γ ⊢ φ ⟹ □Γ ⊢ 𝒜φ*)
1506  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1507AOT_theorem "RA[3]": assumes Γ  φ shows 𝒜Γ  𝒜φ
1508  using assms by (meson AOT_sem_act imageI)
1509  (* This is not exactly right either. *)
1510
1511AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1512  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem" "≡I" "logic-actual"[act_axiom_inst])
1513
1514AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1515  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1" "useful-tautologies:2" by blast
1516
1517AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1518  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1519
1520AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1521proof (rule "≡I"; rule "→I")
1522  AOT_assume 𝒜(φ & ψ)
1523  moreover AOT_have 𝒜((φ & ψ)  φ)
1524    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1525  moreover AOT_have 𝒜((φ & ψ)  ψ)
1526    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1527  ultimately AOT_show 𝒜φ & 𝒜ψ
1528    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1529next
1530  AOT_assume 𝒜φ & 𝒜ψ
1531  AOT_thus 𝒜(φ & ψ)
1532    using "act-conj-act:3" "vdash-properties:6" by blast
1533qed
1534
1535AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1536proof (rule "≡I"; rule "→I")
1537  AOT_assume 𝒜(φ  ψ)
1538  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1539    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1540  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1541    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1542  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1543    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1544next
1545  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1546  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1547    by (metis "act-conj-act:3" "vdash-properties:10")
1548  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1549    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]" "vdash-properties:1[2]")
1550  ultimately AOT_show 𝒜(φ  ψ)
1551    using "act-cond"[THEN "→E", THEN "→E"] by metis
1552qed
1553
1554AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1555proof (rule "≡I"; rule "→I")
1556  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1557  AOT_show 𝒜φ  𝒜ψ
1558    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1559next
1560  AOT_assume 𝒜φ  𝒜ψ
1561  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1562    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1563qed
1564
1565AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1566  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1567
1568AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1569  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1570
1571AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1572  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act" "qml-act:2"[axiom_inst])
1573
1574AOT_theorem "Act-Basic:8": φ  𝒜φ
1575  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1576
1577AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1578proof (rule "≡I"; rule "→I")
1579  AOT_assume 𝒜(φ  ψ)
1580  AOT_thus 𝒜φ  𝒜ψ
1581  proof (rule "raa-cor:3")
1582    AOT_assume ¬(𝒜φ  𝒜ψ)
1583    AOT_hence ¬𝒜φ & ¬𝒜ψ
1584      by (metis "≡E"(1) "oth-class-taut:5:d")
1585    AOT_hence 𝒜¬φ & 𝒜¬ψ
1586      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1587    AOT_hence 𝒜(¬φ & ¬ψ)
1588      using "≡E" "Act-Basic:2" by metis
1589    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1590      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1591    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1592      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1593    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1594    AOT_thus ¬𝒜(φ  ψ)
1595      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1596  qed
1597next
1598  AOT_assume 𝒜φ  𝒜ψ
1599  AOT_thus 𝒜(φ  ψ)
1600    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
1601qed
1602
1603AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1604proof -
1605  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1606    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1607       (metis "logic-actual-nec:3"[axiom_inst])
1608  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1609    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1610       (rule "logic-actual-nec:1"[THEN universal_closure, axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1611  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1612    using "conventions:4"[THEN "df-rules-formulas[1]", THEN act_closure, axiom_inst]
1613          "conventions:4"[THEN "df-rules-formulas[2]", THEN act_closure, axiom_inst]
1614    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1615  also AOT_have   ¬𝒜α ¬φ{α}
1616    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1617  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1618  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1619  also AOT_have   α 𝒜 φ{α}
1620    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1621  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1622qed
1623
1624
1625AOT_theorem "Act-Basic:11": 𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1626proof(rule "≡I"; rule "→I")
1627  AOT_assume 𝒜α(φ{α}  ψ{α})
1628  AOT_hence α𝒜(φ{α}  ψ{α})
1629    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1630  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1631  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1632  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1633next
1634  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1635  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1636  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1637  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1638  AOT_thus 𝒜α(φ{α}  ψ{α})
1639    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1640qed
1641
1642AOT_act_theorem "act-quant-uniq": β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1643proof(rule "≡I"; rule "→I")
1644  AOT_assume β(𝒜φ{β}  β = α)
1645  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1646  AOT_hence φ{β}  β = α for β
1647    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1648    by metis
1649  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1650next
1651  AOT_assume β(φ{β}  β = α)
1652  AOT_hence φ{β}  β = α for β using "∀E" by blast
1653  AOT_hence 𝒜φ{β}  β = α for β
1654    using "≡I" "→I" "RA[1]" "≡E"(1) "≡E"(2) "logic-actual"[act_axiom_inst] "vdash-properties:6"
1655    by metis
1656  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
1657qed
1658
1659AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
1660  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
1661
1662AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
1663  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" "fund-cont-desc" "≡E"(5) by blast
1664
1665
1666locale russel_axiom =
1667  fixes ψ
1668  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
1669begin
1670AOT_act_theorem "russell-axiom": ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
1671proof -
1672  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
1673    using hintikka "∀I" by fast
1674  show ?thesis
1675  proof(rule "≡I"; rule "→I")
1676    AOT_assume c: ψ{ιx φ{x}}
1677    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1678    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1679    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1680    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a)) using b "∀E" by blast
1681    ultimately AOT_have φ{a} & z(φ{z}  z = a) using "≡E" by blast
1682    moreover AOT_have ψ{a}
1683    proof - 
1684      AOT_have 1: xy(x = y  y = x)
1685        by (simp add: "id-eq:2" "universal-cor")
1686      AOT_have a = ιx φ{x}   ιx φ{x} = a
1687        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1688           (auto simp: 1 d "universal-cor")
1689      AOT_thus ψ{a}
1690        using a_def c "rule=E" "→E" by blast
1691    qed
1692    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
1693    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
1694  next
1695    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
1696    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1697    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b)) using b "∀E" by blast
1698    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1699    AOT_hence b = ιx φ{x} using h "≡E" by blast
1700    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1701  qed
1702qed
1703end
1704
1705(* TODO: this nicely shows off using locales with the embedding, but maybe there is still a nicer way *)
1706(* TODO: sledgehammer tends to refer to ψ_denotes_asm in these instantiation instead of referring
1707         to cqt:5:a - should be fixed *)
1708interpretation "russell-axiom[exe,1]": russel_axiom λ κ . «[Π]κ»
1709  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
1710interpretation "russell-axiom[exe,2,1,1]": russel_axiom λ κ . «[Π]κκ'»
1711  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
1712interpretation "russell-axiom[exe,2,1,2]": russel_axiom λ κ . «[Π]κ'κ»
1713  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1714interpretation "russell-axiom[exe,2,2]": russel_axiom λ κ . «[Π]κκ»
1715  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
1716interpretation "russell-axiom[exe,3,1,1]": russel_axiom λ κ . «[Π]κκ'κ''»
1717  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1718interpretation "russell-axiom[exe,3,1,2]": russel_axiom λ κ . «[Π]κ'κκ''»
1719  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1720interpretation "russell-axiom[exe,3,1,3]": russel_axiom λ κ . «[Π]κ'κ''κ»
1721  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1722interpretation "russell-axiom[exe,3,2,1]": russel_axiom λ κ . «[Π]κκκ'»
1723  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
1724interpretation "russell-axiom[exe,3,2,2]": russel_axiom λ κ . «[Π]κκ'κ»
1725  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1726interpretation "russell-axiom[exe,3,2,3]": russel_axiom λ κ . «[Π]κ'κκ»
1727  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1728interpretation "russell-axiom[exe,3,3]": russel_axiom λ κ . «[Π]κκκ»
1729  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
1730
1731interpretation "russell-axiom[enc,1]": russel_axiom λ κ . «κ[Π]»
1732  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
1733interpretation "russell-axiom[enc,2,1]": russel_axiom λ κ . «κκ'[Π]»
1734  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
1735interpretation "russell-axiom[enc,2,2]": russel_axiom λ κ . «κ'κ[Π]»
1736  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1737interpretation "russell-axiom[enc,2,3]": russel_axiom λ κ . «κκ[Π]»
1738  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
1739interpretation "russell-axiom[enc,3,1,1]": russel_axiom λ κ . «κκ'κ''[Π]»
1740  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1741interpretation "russell-axiom[enc,3,1,2]": russel_axiom λ κ . «κ'κκ''[Π]»
1742  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1743interpretation "russell-axiom[enc,3,1,3]": russel_axiom λ κ . «κ'κ''κ[Π]»
1744  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1745interpretation "russell-axiom[enc,3,2,1]": russel_axiom λ κ . «κκκ'[Π]»
1746  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
1747interpretation "russell-axiom[enc,3,2,2]": russel_axiom λ κ . «κκ'κ[Π]»
1748  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1749interpretation "russell-axiom[enc,3,2,3]": russel_axiom λ κ . «κ'κκ[Π]»
1750  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1751interpretation "russell-axiom[enc,3,3]": russel_axiom λ κ . «κκκ[Π]»
1752  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
1753
1754AOT_act_theorem "1-exists:1": ιx φ{x}  ∃!x φ{x}
1755proof(rule "≡I"; rule "→I")
1756  AOT_assume ιx φ{x}
1757  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1758  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1759  AOT_hence φ{a} & z (φ{z}  z = a) using hintikka "≡E" by blast
1760  AOT_hence x (φ{x} & z (φ{z}  z = x)) by (rule "∃I")
1761  AOT_thus ∃!x φ{x} using "uniqueness:1"[THEN "≡dfI"] by blast
1762next
1763  AOT_assume ∃!x φ{x}
1764  AOT_hence x (φ{x} & z (φ{z}  z = x))
1765    using "uniqueness:1"[THEN "≡dfE"] by blast
1766  then AOT_obtain b where φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
1767  AOT_hence b = ιx φ{x} using hintikka "≡E" by blast
1768  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1769qed
1770
1771AOT_act_theorem "1-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
1772  using "1-exists:1" "free-thms:1" "≡E"(6) by blast
1773
1774AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
1775  using "&E"(1) "→I" hintikka "≡E"(1) by blast
1776
1777AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1". (* TODO: same as above *)
1778
1779AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
1780proof(rule "→I")
1781  AOT_assume ιx φ{x}
1782  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1783  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1784  moreover AOT_have φ{a} using calculation hintikka "≡E"(1) "&E" by blast
1785  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
1786qed
1787
1788AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
1789  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
1790
1791
1792AOT_theorem "act-quant-nec": β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
1793proof(rule "≡I"; rule "→I")
1794  AOT_assume β (𝒜φ{β}  β = α)
1795  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1796  AOT_hence 𝒜𝒜φ{β}  β = α for β 
1797    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1798  AOT_thus β(𝒜𝒜φ{β}  β = α)
1799    by (rule "∀I")
1800next
1801  AOT_assume β(𝒜𝒜φ{β}  β = α)
1802  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
1803  AOT_hence 𝒜φ{β}  β = α for β
1804    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1805  AOT_thus β (𝒜φ{β}  β = α)
1806    by (rule "∀I")
1807qed
1808
1809AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
1810proof -
1811  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)  using descriptions[axiom_inst] by blast
1812  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
1813  proof(rule "≡I"; rule "→I"; rule "∀I")
1814    AOT_assume z (𝒜φ{z}  z = x)
1815    AOT_hence 𝒜φ{a}  a = x for a using "∀E" by blast
1816    AOT_thus 𝒜𝒜φ{a}  a = x for a by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
1817  next
1818    AOT_assume z (𝒜𝒜φ{z}  z = x)
1819    AOT_hence 𝒜𝒜φ{a}  a = x for a using "∀E" by blast
1820    AOT_thus 𝒜φ{a}  a = x for a  by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
1821  qed
1822  also AOT_have ...  x = ιx(𝒜φ{x})
1823    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
1824  finally show ?thesis .
1825qed
1826
1827AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
1828proof(rule "→I")
1829  AOT_assume ιx φ{x}
1830  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1831  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1832  moreover AOT_have a = ιx(𝒜φ{x}) using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
1833  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x}) using "rule=E" by fast
1834qed
1835
1836AOT_theorem "nec-hintikka-scheme": x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
1837proof -
1838  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x) using descriptions[axiom_inst] by blast
1839  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
1840    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
1841  finally show ?thesis.
1842qed
1843
1844AOT_theorem "equiv-desc-eq:1": 𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1845proof(rule "→I"; rule "∀I")
1846  fix β
1847  AOT_assume 𝒜x(φ{x}  ψ{x})
1848  AOT_hence 𝒜(φ{x}  ψ{x}) for x using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
1849  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x by (metis "Act-Basic:5" "≡E"(1))
1850  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β) using "nec-hintikka-scheme" by blast
1851  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1852  proof (rule "≡I"; rule "→I")
1853    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
1854    AOT_hence 𝒜φ{z}  z = β for z using "&E" "∀E" by blast
1855    AOT_hence 𝒜ψ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1856    AOT_hence z(𝒜ψ{z}  z = β) using "∀I" by fast
1857    moreover AOT_have 𝒜ψ{β} using "&E" 0[THEN "≡E"(1)] 1 by blast
1858    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β) using "&I" by blast
1859  next
1860    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
1861    AOT_hence 𝒜ψ{z}  z = β for z using "&E" "∀E" by blast
1862    AOT_hence 𝒜φ{z}  z = β for z using 0 "≡E" "→I" "→E" by metis
1863    AOT_hence z(𝒜φ{z}  z = β) using "∀I" by fast
1864    moreover AOT_have 𝒜φ{β} using "&E" 0[THEN "≡E"(2)] 1 by blast
1865    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β) using "&I" by blast
1866  qed
1867  also AOT_have ...  β = ιx ψ{x}
1868    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
1869  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
1870qed
1871
1872AOT_theorem "equiv-desc-eq:2": ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1873proof(rule "→I")
1874  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
1875  AOT_hence 0: y (y = ιx φ{x}) and
1876            1: x (x = ιx φ{x}  x = ιx ψ{x})
1877    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
1878  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1879  moreover AOT_have a = ιx ψ{x} using calculation 1 "∀E" "≡E"(1) by fast
1880  ultimately AOT_show ιx φ{x} = ιx ψ{x}
1881    using "rule=E" by fast
1882qed
1883
1884AOT_theorem "equiv-desc-eq:3": ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1885  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E" "nec-imp-act"[THEN "→E"] by metis
1886
1887(* Note: this is a special case of "exist-nec" *)
1888AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
1889proof(rule "→I")
1890  AOT_assume ιx φ{x}
1891  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1892  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1893  AOT_thus ιx φ{x}
1894    using "ex:2:a" "rule=E" by fast
1895qed
1896
1897AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
1898proof(rule "→I")
1899  AOT_assume ιx φ{x}
1900  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1901  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1902  AOT_hence (a = ιx φ{x}) by (metis "id-nec:2" "vdash-properties:10")
1903  AOT_thus y (y = ιx φ{x}) by (rule "∃I")
1904qed
1905
1906AOT_act_theorem "equiv-desc-eq2:1": x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
1907  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:1"[THEN "→E"]
1908        "RA[1]" "deduction-theorem" by blast
1909
1910AOT_act_theorem "equiv-desc-eq2:2": ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
1911  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"] "equiv-desc-eq:2"[THEN "→E", OF "&I"]
1912        "RA[1]" "deduction-theorem" "&E" by metis
1913
1914context russel_axiom
1915begin
1916AOT_theorem "nec-russell-axiom": ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1917proof -
1918  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
1919    using "nec-hintikka-scheme" "∀I" by fast
1920  show ?thesis
1921  proof(rule "≡I"; rule "→I")
1922    AOT_assume c: ψ{ιx φ{x}}
1923    AOT_hence d: ιx φ{x} using ψ_denotes_asm by blast
1924    AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1925    then AOT_obtain a where a_def: a = ιx φ{x} using "instantiation"[rotated] by blast
1926    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a)) using b "∀E" by blast
1927    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) using "≡E" by blast
1928    moreover AOT_have ψ{a}
1929    proof - 
1930      AOT_have 1: xy(x = y  y = x)
1931        by (simp add: "id-eq:2" "universal-cor")
1932      AOT_have a = ιx φ{x}   ιx φ{x} = a
1933        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
1934           (auto simp: d "universal-cor" 1)
1935      AOT_thus ψ{a}
1936        using a_def c "rule=E" "→E" by metis
1937    qed
1938    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a} by (rule "&I")
1939    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x}) by (rule "∃I")
1940  next
1941    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
1942    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b} using "instantiation"[rotated] by blast
1943    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b)) using b "∀E" by blast
1944    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b} using g "&E" by blast+
1945    AOT_hence b = ιx φ{x} using h "≡E" by blast
1946    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
1947  qed
1948qed
1949end
1950
1951AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
1952proof (rule "≡I"; rule "→I")
1953  AOT_assume ιx φ{x}
1954  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1955  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1956  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1957    using descriptions[axiom_inst] by blast
1958  ultimately AOT_have z(𝒜φ{z}  z = a)
1959    using "≡E" by blast
1960  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
1961  AOT_thus ∃!x 𝒜φ{x}
1962    using "uniqueness:2"[THEN "≡E"(2)] by fast
1963next
1964  AOT_assume ∃!x 𝒜φ{x}
1965  AOT_hence xz(𝒜φ{z}  z = x)
1966    using "uniqueness:2"[THEN "≡E"(1)] by fast
1967  then AOT_obtain a where z(𝒜φ{z}  z = a) using "instantiation"[rotated] by blast
1968  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
1969    using descriptions[axiom_inst] by blast
1970  ultimately AOT_have a = ιx φ{x} using "≡E" by blast
1971  AOT_thus ιx φ{x} by (metis "t=t-proper:2" "vdash-properties:6")
1972qed
1973
1974AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
1975  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme" "reductio-aa:2" "vdash-properties:9" by blast
1976
1977AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
1978  using "actual-desc:2". (* TODO: same as above *)
1979
1980AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
1981proof(rule "→I")
1982  AOT_assume ιx φ{x}
1983  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
1984  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
1985  AOT_thus 𝒜φ{ιx φ{x}}
1986    using "actual-desc:2" "rule=E" "→E" by fast
1987qed
1988
1989(* TODO: take another look at proof in PLM *)
1990AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
1991proof(rule "→I")
1992  AOT_assume 0: ιx φ{x} = ιx ψ{x}
1993  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
1994    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
1995  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x}) by (metis "rule=I:1" "existential:1")+
1996  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
1997    using "instantiation"[rotated] by metis
1998
1999  AOT_have αβ (α = β  β = α) by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2000  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2001    using "∀E" φ_down by blast
2002  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2003    using "∀E" ψ_down by blast
2004  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2005    "→E" by blast
2006
2007  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2008  proof(rule "≡I"; rule "→I")
2009    AOT_assume 𝒜φ{x}
2010    moreover AOT_have 𝒜φ{x}  x = a for x
2011      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)] "∀E" by blast
2012    ultimately AOT_have x = a using "→E" by blast
2013    AOT_hence x = ιx φ{x} using a_eq "rule=E" by blast
2014    AOT_hence x = ιx ψ{x} using 0 "rule=E" by blast
2015    AOT_thus 𝒜ψ{x} by (metis "actual-desc:3" "vdash-properties:6")
2016  next
2017    AOT_assume 𝒜ψ{x}
2018    moreover AOT_have 𝒜ψ{x}  x = b for x
2019      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)] "∀E" by blast
2020    ultimately AOT_have x = b using "→E" by blast
2021    AOT_hence x = ιx ψ{x} using b_eq "rule=E" by blast
2022    AOT_hence x = ιx φ{x} using 1 "rule=E" by blast
2023    AOT_thus 𝒜φ{x} by (metis "actual-desc:3" "vdash-properties:6")
2024  qed
2025  AOT_hence 𝒜(φ{x}  ψ{x}) for x by (metis "Act-Basic:5" "≡E"(2))
2026  AOT_hence x 𝒜(φ{x}  ψ{x}) by (rule "∀I")
2027  AOT_thus 𝒜x (φ{x}  ψ{x})
2028    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2029qed    
2030
2031AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2032proof(rule "→I")
2033  AOT_assume ∃!x φ{x}
2034  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2035    using "uniqueness:1"[THEN "≡dfE"] by blast
2036  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b) using "instantiation"[rotated] by blast
2037  AOT_show y (y = ιx φ{x}  φ{y})
2038  proof(rule GEN; rule "→I")
2039    fix y
2040    AOT_assume y = ιx φ{x}
2041    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y) using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2042    AOT_hence 𝒜φ{b}  b = y using "&E" "∀E" by blast
2043    moreover AOT_have 𝒜φ{b} using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2044    ultimately AOT_have b = y using "→E" by blast
2045    moreover AOT_have φ{b} using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2046    ultimately AOT_show φ{y} using "rule=E" by blast
2047  qed
2048qed
2049
2050AOT_theorem "!box-desc:2": x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2051proof(rule "→I"; rule "→I")
2052  AOT_assume x (φ{x}  φ{x})
2053  moreover AOT_assume ∃!x φ{x}
2054  ultimately AOT_have ∃!x φ{x}
2055    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2056  AOT_thus y (y = ιx φ{x}  φ{y})
2057    using "!box-desc:1" "→E" by blast
2058qed
2059
2060AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ} (* TODO: vacuous *)
2061  by (simp add: "rule=I:1" "→I")
2062
2063AOT_theorem "RM:1[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2064proof -
2065  AOT_have Γ  (φ  ψ) using "RN[prem]" assms by blast
2066  AOT_thus Γ  φ  ψ by (metis "qml:1"[axiom_inst] "→E")
2067qed
2068
2069AOT_theorem "RM:1": assumes  φ  ψ shows  φ  ψ
2070  using "RM:1[prem]" assms by blast
2071
2072lemmas RM = "RM:1"
2073
2074AOT_theorem "RM:2[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2075proof -
2076  AOT_have Γ  ¬ψ  ¬φ using assms 
2077    by (simp add: "contraposition:1[1]")
2078  AOT_hence Γ  ¬ψ  ¬φ using "RM:1[prem]" by blast
2079  AOT_thus Γ  φ  ψ
2080    by (meson "≡dfE" "≡dfI" "conventions:5" "deduction-theorem" "modus-tollens:1")
2081qed
2082
2083AOT_theorem "RM:2": assumes  φ  ψ shows  φ  ψ
2084  using "RM:2[prem]" assms by blast
2085
2086lemmas "RM◇" = "RM:2"
2087
2088AOT_theorem "RM:3[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2089proof -
2090  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2091  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:1[prem]" by metis+
2092  AOT_thus Γ  φ  ψ
2093    by (simp add: "≡I")
2094qed
2095
2096AOT_theorem "RM:3": assumes  φ  ψ shows  φ  ψ
2097  using "RM:3[prem]" assms by blast
2098
2099lemmas RE = "RM:3"
2100
2101AOT_theorem "RM:4[prem]": assumes Γ  φ  ψ shows Γ  φ  ψ
2102proof -
2103  AOT_have Γ  φ  ψ and Γ  ψ  φ using assms "≡E" "→I" by metis+
2104  AOT_hence Γ  φ  ψ and Γ  ψ  φ using "RM:2[prem]" by metis+
2105  AOT_thus Γ  φ  ψ by (simp add: "≡I")
2106qed
2107
2108AOT_theorem "RM:4": assumes  φ  ψ shows  φ  ψ
2109  using "RM:4[prem]" assms by blast
2110
2111lemmas "RE◇" = "RM:4"
2112
2113AOT_theorem "KBasic:1": φ  (ψ  φ)
2114  by (simp add: RM "pl:1"[axiom_inst])
2115
2116AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2117  by (simp add: RM "useful-tautologies:3")
2118
2119AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2120proof (rule "≡I"; rule "→I")
2121  AOT_assume (φ & ψ)
2122  AOT_thus φ & ψ
2123    by (meson RM "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2124next
2125  AOT_have φ  (ψ  (φ & ψ)) by (simp add: "RM:1" Adjunction)
2126  AOT_hence φ  (ψ  (φ & ψ))  by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2127  moreover AOT_assume φ & ψ
2128  ultimately AOT_show (φ & ψ)
2129    using "→E" "&E" by blast
2130qed
2131
2132AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2133proof -
2134  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2135    by (fact "KBasic:3")
2136  AOT_modally_strict {
2137    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2138      by (fact "conventions:3"[THEN "≡Df"])
2139  }
2140  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2141    by (rule RE)
2142  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2143    using "≡E"(5) by blast
2144qed
2145
2146AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2147proof -
2148  AOT_have (φ  ψ)  (φ  ψ)
2149    by (fact "qml:1"[axiom_inst])
2150  moreover AOT_have (ψ  φ)  (ψ  φ)
2151    by (fact "qml:1"[axiom_inst])
2152  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2153    by (metis "&I" MP "Double Composition")
2154  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2155    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2156  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2157    by (metis "Hypothetical Syllogism")
2158qed
2159
2160AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2161  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "vdash-properties:10" by blast
2162AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2163proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2164  AOT_assume φ & ψ
2165  AOT_hence φ and ψ using "&E" by blast+
2166  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2167  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2168  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2169next
2170  AOT_assume ¬φ & ¬ψ
2171  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2172  AOT_modally_strict {
2173    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2174      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2175  }
2176  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2177    by (rule RM)
2178  AOT_thus (φ  ψ) using 0 "→E" by blast
2179qed(auto)
2180
2181AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2182  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2183AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2184  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2185AOT_theorem "KBasic:10": φ  ¬¬φ
2186  by (simp add: "RM:3" "oth-class-taut:3:b")
2187AOT_theorem "KBasic:11": ¬φ  ¬φ
2188proof (rule "≡I"; rule "→I")
2189  AOT_show ¬φ if ¬φ
2190    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2191next
2192  AOT_show ¬φ if ¬φ
2193    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2194qed
2195AOT_theorem "KBasic:12": φ  ¬¬φ
2196proof (rule "≡I"; rule "→I")
2197  AOT_show ¬¬φ if φ
2198    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2199next
2200  AOT_show φ if ¬¬φ
2201  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2202qed
2203AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2204proof -
2205  AOT_have φ  ψ  φ  ψ by blast
2206  AOT_hence (φ  ψ)  φ  ψ
2207    using "RM:2[prem]" by blast
2208  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2209qed
2210lemmas "K◇" = "KBasic:13"
2211AOT_theorem "KBasic:14": φ  ¬¬φ
2212  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2213AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2214proof -
2215  AOT_modally_strict {
2216    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2217      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2218  }
2219  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2220    using RM by blast+
2221  AOT_thus (φ  ψ)  (φ  ψ)
2222    by (metis "∨E"(1) "deduction-theorem")
2223qed
2224
2225AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2226  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism" Importation "vdash-properties:6")
2227
2228AOT_theorem "rule-sub-lem:1:a":
2229  assumes  (ψ  χ)
2230  shows  ¬ψ  ¬χ
2231  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2232        "≡E"(1) "oth-class-taut:4:b" by blast
2233
2234AOT_theorem "rule-sub-lem:1:b":
2235  assumes  (ψ  χ)
2236  shows  (ψ  Θ)  (χ  Θ)
2237  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2238  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2239
2240AOT_theorem "rule-sub-lem:1:c":
2241  assumes  (ψ  χ)
2242  shows  (Θ  ψ)  (Θ  χ)
2243  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2244  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2245
2246AOT_theorem "rule-sub-lem:1:d":
2247  assumes for arbitrary α:  (ψ{α}  χ{α})
2248  shows  α ψ{α}  α χ{α}
2249proof -
2250  AOT_modally_strict {
2251    AOT_have α (ψ{α}  χ{α})
2252      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2253    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2254    AOT_show α ψ{α}  α χ{α}
2255    proof (rule "≡I"; rule "→I")
2256      AOT_assume α ψ{α}
2257      AOT_hence ψ{α} for α using "∀E" by blast
2258      AOT_hence χ{α} for α using 0 "≡E" by blast
2259      AOT_thus α χ{α} by (rule "∀I")
2260    next
2261      AOT_assume α χ{α}
2262      AOT_hence χ{α} for α using "∀E" by blast
2263      AOT_hence ψ{α} for α using 0 "≡E" by blast
2264      AOT_thus α ψ{α} by (rule "∀I")
2265    qed
2266  }
2267qed
2268
2269AOT_theorem "rule-sub-lem:1:e":
2270  assumes  (ψ  χ)
2271  shows   ψ]   χ]
2272  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2273  using "≡E"(1) "propositions-lemma:6" by blast
2274
2275AOT_theorem "rule-sub-lem:1:f":
2276  assumes  (ψ  χ)
2277  shows  𝒜ψ  𝒜χ
2278  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2279  by (metis "Act-Basic:5" "≡E"(1))
2280
2281AOT_theorem "rule-sub-lem:1:g":
2282  assumes  (ψ  χ)
2283  shows  ψ  χ
2284  using "KBasic:6" assms "vdash-properties:6" by blast
2285
2286text‹Note that instead of deriving @{text "rule-sub-lem:2"}, @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2287     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2288
2289class AOT_subst =
2290  fixes AOT_subst :: "('a  𝗈)  bool"
2291    and AOT_subst_cond :: "'a  'a  bool"
2292  assumes AOT_subst: "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2293
2294named_theorems AOT_substI
2295
2296instantiation 𝗈 :: AOT_subst
2297begin
2298
2299inductive AOT_subst_𝗈 where
2300  AOT_subst_𝗈_id[AOT_substI]: "AOT_subst_𝗈 (λφ. φ)"
2301| AOT_subst_𝗈_const[AOT_substI]: "AOT_subst_𝗈 (λφ. ψ)"
2302| AOT_subst_𝗈_not[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)"
2303| AOT_subst_𝗈_imp[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)"
2304| AOT_subst_𝗈_lambda0[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))"
2305| AOT_subst_𝗈_act[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)"
2306| AOT_subst_𝗈_box[AOT_substI]: "AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)"
2307| AOT_subst_𝗈_by_def[AOT_substI]: "( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ))  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ"
2308
2309definition AOT_subst_cond_𝗈 where "AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]"
2310
2311instance
2312proof
2313  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2314  assume cond: ‹AOT_subst_cond ψ χ
2315  assume ‹AOT_subst φ
2316  moreover AOT_have  ψ  χ using cond unfolding AOT_subst_cond_𝗈_def by blast
2317  ultimately AOT_show  φ{ψ}  φ{χ}
2318  proof (induct arbitrary: ψ χ)
2319    case AOT_subst_𝗈_id
2320    thus ?case using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2321  next
2322    case (AOT_subst_𝗈_const ψ)
2323    thus ?case by (simp add: "oth-class-taut:3:a")
2324  next
2325    case (AOT_subst_𝗈_not Θ)
2326    thus ?case by (simp add: RN "rule-sub-lem:1:a")
2327  next
2328    case (AOT_subst_𝗈_imp Θ Ξ)
2329    thus ?case by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2330  next
2331    case (AOT_subst_𝗈_lambda0 Θ)
2332    thus ?case by (simp add: RN "rule-sub-lem:1:e")
2333  next
2334    case (AOT_subst_𝗈_act Θ)
2335    thus ?case by (simp add: RN "rule-sub-lem:1:f")
2336  next
2337    case (AOT_subst_𝗈_box Θ)
2338    thus ?case by (simp add: RN "rule-sub-lem:1:g")
2339  next
2340    case (AOT_subst_𝗈_by_def Θ Ξ)
2341    AOT_modally_strict {
2342      AOT_have Ξ{ψ}  Ξ{χ} using AOT_subst_𝗈_by_def by simp
2343      AOT_thus Θ{ψ}  Θ{χ}
2344        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ] "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2345        by (metis "≡E"(6) "oth-class-taut:3:a")
2346    }
2347  qed
2348qed
2349end
2350
2351instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2352begin
2353
2354definition AOT_subst_cond_fun :: "('a  'b)  ('a  'b)  bool" where
2355  "AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α)) (ψ (AOT_term_of_var α))"
2356
2357inductive AOT_subst_fun :: "(('a  'b)  𝗈)  bool" where
2358  AOT_subst_fun_const[AOT_substI]: "AOT_subst_fun (λφ. ψ)"
2359| AOT_subst_fun_id[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))"
2360| AOT_subst_fun_all[AOT_substI]: "AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α)))  AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)"
2361| AOT_subst_fun_not[AOT_substI]: "AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)"
2362| AOT_subst_fun_imp[AOT_substI]: "AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)"
2363| AOT_subst_fun_lambda0[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))"
2364| AOT_subst_fun_act[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)"
2365| AOT_subst_fun_box[AOT_substI]: "AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)"
2366| AOT_subst_fun_def[AOT_substI]: "( φ . AOT_model_equiv_def (Θ φ) (Ψ φ))  AOT_subst_fun Ψ  AOT_subst_fun Θ"
2367
2368instance proof
2369  fix ψ χ :: "'a  'b" and φ :: ('a  'b)  𝗈›
2370  assume ‹AOT_subst φ
2371  moreover assume cond: ‹AOT_subst_cond ψ χ
2372  ultimately AOT_show  «φ ψ»  «φ χ»
2373  proof(induct)
2374    case (AOT_subst_fun_const ψ)
2375    then show ?case by (simp add: "oth-class-taut:3:a")
2376  next
2377  case (AOT_subst_fun_id Ψ x)
2378  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2379  next
2380  next
2381  case (AOT_subst_fun_all Ψ Θ)
2382  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2383    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2384  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2385    by (simp add: RN "rule-sub-lem:1:d" AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2386  next
2387  case (AOT_subst_fun_not Ψ)
2388  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2389  next
2390  case (AOT_subst_fun_imp Ψ Θ)
2391  then show ?case 
2392    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2393    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "vdash-properties:6")
2394  next
2395  case (AOT_subst_fun_lambda0 Θ)
2396  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2397  next
2398  case (AOT_subst_fun_act Θ)
2399  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2400  next
2401  case (AOT_subst_fun_box Θ)
2402  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2403  next
2404  case (AOT_subst_fun_def Θ Ψ)
2405  then show ?case
2406    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2407  qed
2408qed
2409end
2410
2411ML2412fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2413          fun findHeadConst (Const x) = SOME x
2414            | findHeadConst (A $ _) = findHeadConst A
2415            | findHeadConst _ = NONE
2416          fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _) = findHeadConst lhs
2417            | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2418            | findDef (Abs (_,_,c)) = findDef c
2419            | findDef _ = NONE
2420          val const_opt = (findDef trm)
2421          val defs = case const_opt of SOME const => List.filter (fn thm => let
2422              val concl = Thm.concl_of thm
2423              val thmconst = (findDef concl)
2424              in case thmconst of SOME (c,_) => fst const = c | _ => false end) (AOT_Definitions.get ctxt)
2425              | _ => []
2426          val tac = case defs of [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2427                    | _ => resolve_tac ctxt defs 1
2428        in tac end) 1)
2429fun getSubstThm ctxt reversed phi p q = let
2430val p_ty = Term.type_of p
2431val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2432val abs = Syntax.check_term ctxt abs
2433val substThm = Goal.prove ctxt [] [] abs (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2434val substThm = substThm RS @{thm AOT_subst}
2435in if reversed then let
2436  val substThm = Drule.instantiate_normalize ([],[((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2437          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2438  val substThm = substThm RS @{thm "≡E"(1)}
2439  in substThm end
2440else
2441  let
2442  val substThm = Drule.instantiate_normalize ([],[((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2443          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2444  val substThm = substThm RS @{thm "≡E"(2)}
2445  in substThm end end
2446
2447
2448method_setup AOT_subst = 2449Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2450Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax
2451) -- Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |-- Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) -- Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2452>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2453(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2454let
2455val thms = prems
2456val ctxt' = ctxt
2457val ctxt = Context_Position.set_visible false ctxt
2458val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2459
2460val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2461  let
2462    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2463    val ty = Option.map (Syntax.read_typ ctxt) ty
2464    val ctxt = case ty of SOME ty => let
2465        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2466        val bound = Syntax.check_term ctxt bound
2467      in Variable.declare_term bound ctxt end | _ => ctxt
2468  in ctxt end)) raw_bounds ctxt
2469
2470val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
2471val p = Syntax.check_term ctxt p
2472val ctxt = Variable.declare_term p ctxt
2473val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
2474val q = Syntax.check_term ctxt q
2475val ctxt = Variable.declare_term q ctxt
2476
2477val bounds = (map (fn (bound, _) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound))) raw_bounds
2478val p = fold (fn bound => fn p => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)) end) bounds p
2479val p = Syntax.check_term ctxt p
2480val p_ty = Term.type_of p
2481
2482val pat = @{const Trueprop} $ (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $ (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
2483val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
2484val univ = hd (Seq.list_of univ) (* TODO: choose? try all? filter? *)
2485val phi = the (Envir.lookup univ (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
2486
2487val q = fold (fn bound => fn q => let in Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q)) end) bounds q
2488val q = Syntax.check_term ctxt q
2489
2490(* Reparse to report bounds as fixes. *)
2491val ctxt = Context_Position.restore_visible ctxt' ctxt
2492val ctxt' = ctxt
2493fun unsource str = fst (Input.source_content (Syntax.read_input str))
2494val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) => (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds) ctxt'
2495val _ = (map (fn (x,_) => Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x))) raw_bounds
2496val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
2497val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
2498
2499in
2500resolve_tac ctxt [getSubstThm ctxt (case reversed of SOME x => true | _ => false) phi p q] 1
2501THEN simp_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]) 1
2502THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
2503THEN (TRY (resolve_tac ctxt thms 1))
2504end
2505) ctxt 1))))
2506
2507
2508method_setup AOT_subst_def = 2509Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2510Attrib.thm
2511>> (fn (reversed,fact) => (fn ctxt =>
2512(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2513let
2514val c = Thm.concl_of fact
2515val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
2516  | _ => raise Fail "Definition expected."
2517val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2518val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2519val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2520      (SUBGOAL (fn (trm,int) =>
2521        auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact RS @{thm "≡Df"}])) 1))
2522val substThm = substCondThm RSN (2,@{thm AOT_subst})
2523in
2524resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2525THEN prove_AOT_subst_tac ctxt
2526THEN (TRY (resolve_tac ctxt prems 1))
2527end
2528) ctxt 1))))
2529
2530
2531method_setup AOT_subst_thm = 2532Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2533Attrib.thm
2534>> (fn (reversed,fact) => (fn ctxt =>
2535(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _, prems = prems, asms = asms, concl = concl, schematics = _} =>
2536let
2537val c = Thm.concl_of fact
2538val (lhs, rhs) = case c of (const‹Trueprop› $ (const‹AOT_model_valid_in› $ _ $ (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
2539  | _ => raise Fail "Equivalence expected."
2540
2541val substCond = HOLogic.mk_Trueprop (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
2542val substCond = Syntax.check_term (Proof_Context.set_mode Proof_Context.mode_schematic ctxt) substCond
2543val substCondThm = Goal.prove ctxt [] [] substCond (fn {context=ctxt, prems=prems} =>
2544      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}, fact])) 1))
2545val substThm = substCondThm RSN (2,@{thm AOT_subst})
2546in
2547resolve_tac ctxt [substThm RS (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
2548THEN prove_AOT_subst_tac ctxt
2549THEN (TRY (resolve_tac ctxt prems 1))
2550end
2551) ctxt 1))))
2552
2553
2554AOT_theorem "rule-sub-remark:1[1]": assumes  A!x  ¬E!x and ¬A!x shows ¬¬E!x
2555  by (AOT_subst (reverse) ¬E!x A!x)
2556     (auto simp: assms) 
2557
2558AOT_theorem "rule-sub-remark:1[2]": assumes  A!x  ¬E!x and  ¬¬E!x shows ¬A!x
2559  by (AOT_subst A!x ¬E!x)
2560     (auto simp: assms)
2561
2562AOT_theorem "rule-sub-remark:2[1]":
2563  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy shows p  [R]xy & ([Q]a  ¬[Q]a)
2564  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2565
2566AOT_theorem "rule-sub-remark:2[2]":
2567  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a)) and p  [R]xy & ([Q]a  ¬[Q]a) shows p  [R]xy
2568  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2569
2570AOT_theorem "rule-sub-remark:3[1]":
2571  assumes for arbitrary x:  A!x  ¬E!x
2572      and x A!x
2573    shows x ¬E!x
2574  by (AOT_subst (reverse) ¬E!x A!x for: x)
2575     (auto simp: assms)
2576
2577AOT_theorem "rule-sub-remark:3[2]":
2578  assumes for arbitrary x:  A!x  ¬E!x
2579      and x ¬E!x
2580    shows x A!x
2581  by (AOT_subst A!x ¬E!x for: x)
2582     (auto simp: assms)
2583
2584AOT_theorem "rule-sub-remark:4[1]":
2585  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x shows 𝒜[P]x
2586  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2587
2588AOT_theorem "rule-sub-remark:4[2]":
2589  assumes  ¬¬[P]x  [P]x and 𝒜[P]x shows 𝒜¬¬[P]x
2590  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2591
2592AOT_theorem "rule-sub-remark:5[1]":
2593  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ) shows (¬ψ  ¬φ)
2594  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2595
2596AOT_theorem "rule-sub-remark:5[2]":
2597  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ) shows (φ  ψ) 
2598  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2599
2600AOT_theorem "rule-sub-remark:6[1]":
2601  assumes  ψ  χ and (φ  ψ) shows (φ  χ) 
2602  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2603
2604AOT_theorem "rule-sub-remark:6[2]":
2605  assumes  ψ  χ and (φ  χ) shows (φ  ψ)
2606  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2607
2608AOT_theorem "rule-sub-remark:7[1]":
2609  assumes  φ  ¬¬φ and (φ  φ) shows (¬¬φ  φ) 
2610  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
2611
2612AOT_theorem "rule-sub-remark:7[2]":
2613  assumes  φ  ¬¬φ and (¬¬φ  φ) shows  (φ  φ)
2614  by (AOT_subst_thm assms(1)) (simp add: assms(2))
2615
2616AOT_theorem "KBasic2:1": ¬φ  ¬φ
2617  by (meson "conventions:5" "contraposition:2" "Hypothetical Syllogism" "df-rules-formulas[3]"
2618            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
2619
2620AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
2621proof -
2622  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
2623    by (simp add: "RE◇" "oth-class-taut:5:b")
2624  also AOT_have   ¬(¬φ & ¬ψ)
2625    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2626  also AOT_have   ¬(¬φ & ¬ψ)
2627    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
2628  also AOT_have   ¬(¬φ & ¬ψ)
2629    using "KBasic2:1"
2630    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ; auto simp: "oth-class-taut:3:a")
2631  also AOT_have   ¬¬(φ  ψ)
2632    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
2633  also AOT_have   φ  ψ
2634    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
2635  finally show ?thesis .
2636qed
2637
2638AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
2639  by (metis "RM◇" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "deduction-theorem" "modus-tollens:1" "reductio-aa:1")
2640
2641AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
2642proof -
2643  AOT_have (φ  ψ)  (¬φ  ψ)
2644    by (AOT_subst φ  ψ ¬φ  ψ)
2645       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
2646  also AOT_have ...  ¬φ  ψ
2647    by (simp add: "KBasic2:2")
2648  also AOT_have ...  ¬φ  ψ
2649    by (AOT_subst ¬φ ¬φ)
2650       (auto simp: "KBasic:11" "oth-class-taut:3:a")
2651  also AOT_have ...  φ  ψ
2652    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
2653  finally show ?thesis .
2654qed
2655
2656AOT_theorem "KBasic2:5": φ  ¬¬φ
2657  using "conventions:5"[THEN "≡Df"]
2658  by (AOT_subst φ ¬¬φ; AOT_subst ¬¬φ ¬¬¬¬φ; AOT_subst (reverse) ¬¬¬φ ¬φ)
2659     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
2660
2661
2662AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
2663proof(rule "→I"; rule "raa-cor:1")
2664  AOT_assume (φ  ψ)
2665  AOT_hence (¬φ  ψ)
2666    using "conventions:2"[THEN "≡Df"]
2667    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
2668  AOT_hence 1: ¬φ  ψ using "KBasic:13" "vdash-properties:10" by blast
2669  AOT_assume ¬(φ  ψ)
2670  AOT_hence ¬φ and ¬ψ using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
2671  AOT_thus ψ & ¬ψ using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
2672qed
2673
2674AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
2675proof(rule "→I"; frule "&E"(1); drule "&E"(2))
2676  AOT_assume (φ  ψ)
2677  AOT_hence 1: φ  ψ
2678    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
2679  AOT_assume ¬φ
2680  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
2681  AOT_thus ψ using 1 "∨E"(2) by blast
2682qed
2683
2684AOT_theorem "T-S5-fund:1": φ  φ
2685  by (meson "≡dfI" "conventions:5" "contraposition:2" "Hypothetical Syllogism" "deduction-theorem" "qml:2"[axiom_inst])
2686lemmas "T◇" = "T-S5-fund:1"
2687
2688AOT_theorem "T-S5-fund:2": φ  φ
2689proof(rule "→I")
2690  AOT_assume φ
2691  AOT_hence ¬¬φ
2692    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
2693  moreover AOT_have ¬φ  ¬φ
2694    by (fact "qml:3"[axiom_inst])
2695  ultimately AOT_have ¬¬φ
2696    using "modus-tollens:1" by blast
2697  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
2698qed
2699lemmas "5◇" = "T-S5-fund:2"
2700
2701(* Also interestingly none of these have proofs in PLM. *)
2702AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
2703  by (AOT_subst 𝒜¬φ ¬𝒜φ)
2704     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
2705
2706AOT_theorem "Act-Sub:2": φ  𝒜φ
2707  using "conventions:5"[THEN "≡Df"]
2708  by (AOT_subst φ ¬¬φ)
2709     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
2710            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
2711
2712AOT_theorem "Act-Sub:3": 𝒜φ  φ
2713  using "conventions:5"[THEN "≡Df"]
2714  by (AOT_subst φ ¬¬φ)
2715     (metis "Act-Sub:1" "deduction-theorem" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
2716
2717
2718AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
2719proof (rule "≡I"; rule "→I")
2720  AOT_assume 𝒜φ
2721  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
2722next
2723  AOT_assume 𝒜φ
2724  AOT_hence ¬¬𝒜φ
2725    using "≡dfE" "conventions:5" by blast
2726  AOT_hence ¬𝒜¬φ
2727    by (AOT_subst 𝒜¬φ ¬𝒜φ)
2728       (simp add: "logic-actual-nec:1"[axiom_inst])
2729  AOT_thus 𝒜φ
2730      using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4) "reductio-aa:1" by blast
2731qed
2732
2733AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
2734  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "deduction-theorem" "≡E"(1) "≡E"(2) "vdash-properties:6")
2735
2736AOT_theorem "S5Basic:1": φ  φ
2737  by (simp add: "≡I" "qml:2" "qml:3" "vdash-properties:1[2]")
2738
2739AOT_theorem "S5Basic:2": φ  φ
2740  by (simp add: "T◇" "5◇" "≡I")
2741
2742AOT_theorem "S5Basic:3": φ  φ
2743  using "T◇" "Hypothetical Syllogism" "qml:3" "vdash-properties:1[2]" by blast
2744lemmas "B" = "S5Basic:3"
2745
2746AOT_theorem "S5Basic:4": φ  φ
2747  using "5◇" "Hypothetical Syllogism" "qml:2" "vdash-properties:1[2]" by blast
2748lemmas "B◇" = "S5Basic:4"
2749
2750AOT_theorem "S5Basic:5": φ  φ
2751  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
2752lemmas "4" = "S5Basic:5"
2753
2754AOT_theorem "S5Basic:6": φ  φ
2755  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
2756
2757AOT_theorem "S5Basic:7": φ  φ
2758  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
2759  by (AOT_subst φ ¬¬φ;
2760      AOT_subst φ ¬¬φ;
2761      AOT_subst (reverse) ¬¬¬φ ¬φ;
2762      AOT_subst (reverse) ¬φ ¬φ)
2763     (auto simp: "S5Basic:6" "if-p-then-p")
2764
2765lemmas "4◇" = "S5Basic:7"
2766
2767AOT_theorem "S5Basic:8": φ  φ
2768  by (simp add: "4◇" "T◇" "≡I")
2769
2770AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
2771  apply (rule "≡I"; rule "→I")
2772  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10" apply blast
2773  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "con-dis-taut:7"
2774            "intro-elim:1" "Commutativity of ∨")
2775
2776AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
2777(* Note: nicely this proof is entirely sledgehammer generated *)
2778proof(rule "≡I"; rule "→I")
2779  AOT_assume (φ  ψ)
2780  AOT_hence φ  ψ
2781    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
2782  AOT_thus φ  ψ
2783    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
2784next
2785  AOT_assume φ  ψ
2786  AOT_hence φ  ψ
2787    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
2788  AOT_thus (φ  ψ)
2789    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1) "Disjunction Addition"(2))
2790qed
2791
2792AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
2793proof -
2794  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
2795    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
2796       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
2797  also AOT_have   ¬(¬φ  ¬ψ)
2798    by (AOT_subst ¬ψ ¬ψ)
2799       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
2800  also AOT_have   ¬(¬φ  ¬ψ)
2801    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
2802  also AOT_have   ¬(¬φ  ¬ψ)
2803    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
2804  also AOT_have   ¬(¬φ  ¬ψ)
2805    using "KBasic2:1"
2806    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
2807       (auto simp:  "oth-class-taut:3:a")
2808  also AOT_have   φ & ψ
2809    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
2810  finally show ?thesis .
2811qed
2812
2813AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
2814proof (rule "≡I"; rule "→I")
2815  AOT_assume (φ & ψ)
2816  AOT_hence φ & ψ
2817    using "KBasic2:3" "vdash-properties:6" by blast
2818  AOT_thus φ & ψ
2819    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
2820next
2821  AOT_assume φ & ψ
2822  moreover AOT_have (ψ & φ)  (φ & ψ)
2823    by (AOT_subst φ & ψ ψ & φ)
2824       (auto simp: "Commutativity of &" "KBasic:16")
2825  ultimately AOT_show (φ & ψ)
2826    by (metis "4" "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "vdash-properties:6")
2827qed
2828
2829
2830AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
2831proof (rule "≡I")
2832  AOT_modally_strict {
2833    AOT_have (φ  ψ)  (φ  ψ)
2834      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "deduction-theorem")
2835  }
2836  AOT_hence (φ  ψ)  (φ  ψ)
2837    by (rule RM)
2838  AOT_thus  (φ  ψ)  (φ  ψ)
2839    using "4" "Hypothetical Syllogism" by blast
2840next
2841  AOT_modally_strict {
2842    AOT_have (φ  ψ)  (φ  ψ)
2843      by (meson "B" "Hypothetical Syllogism" "deduction-theorem" "qml:1" "vdash-properties:1[2]")
2844  }
2845  AOT_hence  (φ  ψ)  (φ  ψ)
2846    by (rule RM)
2847  AOT_thus (φ  ψ)  (φ  ψ)
2848    using "4" "Hypothetical Syllogism" by blast
2849qed
2850
2851AOT_theorem "derived-S5-rules:1":
2852  assumes Γ  φ  ψ shows Γ  φ  ψ
2853proof -
2854  AOT_have Γ  φ  ψ
2855    using assms by (rule "RM:1[prem]")
2856  AOT_thus Γ  φ  ψ
2857    using "B" "Hypothetical Syllogism" by blast
2858qed
2859
2860AOT_theorem "derived-S5-rules:2":
2861  assumes Γ  φ  ψ shows Γ  φ  ψ
2862proof -
2863  AOT_have Γ  φ  ψ
2864    using assms by (rule "RM:2[prem]")
2865  AOT_thus Γ  φ  ψ
2866    using "B◇" "Hypothetical Syllogism" by blast
2867qed
2868
2869AOT_theorem "BFs:1": α φ{α}  α φ{α}
2870proof -
2871  AOT_modally_strict {
2872    AOT_modally_strict {
2873      AOT_have α φ{α}  φ{α} for α by (fact AOT)
2874    }
2875    AOT_hence α φ{α}  φ{α} for α by (rule "RM◇")
2876    AOT_hence α φ{α}  α φ{α}
2877      using "B◇" "∀I" "→E" "→I" by metis
2878  }
2879  thus ?thesis using "derived-S5-rules:1" by blast
2880qed
2881lemmas "BF" = "BFs:1"
2882
2883AOT_theorem "BFs:2": α φ{α}  α φ{α}
2884proof -
2885  AOT_have α φ{α}  φ{α} for α using RM "cqt-orig:3" by metis
2886  thus ?thesis using  "cqt-orig:2"[THEN "→E"] "∀I" by metis
2887qed
2888lemmas "CBF" = "BFs:2"
2889
2890AOT_theorem "BFs:3": α φ{α}  α φ{α}
2891proof(rule "→I")
2892  AOT_modally_strict {
2893    AOT_have α ¬φ{α}  α ¬φ{α}
2894      using BF CBF "≡I" by blast
2895  } note θ = this
2896
2897  AOT_assume α φ{α}
2898  AOT_hence ¬¬(α φ{α})
2899    using "≡dfE" "conventions:5" by blast
2900  AOT_hence ¬α ¬φ{α}
2901    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
2902    using "≡dfI" "conventions:3" "conventions:4" "&I" "contraposition:2" "cqt-further:4"
2903          "df-rules-formulas[1]" "vdash-properties:1[2]" by blast
2904  AOT_hence ¬α ¬φ{α}
2905    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
2906    using θ by blast
2907  AOT_hence ¬α ¬¬¬φ{α}
2908    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
2909       (simp add: "oth-class-taut:3:b")
2910  AOT_hence α ¬¬φ{α}
2911    by (rule "conventions:4"[THEN "≡dfI"])
2912  AOT_thus α φ{α}
2913    using "conventions:5"[THEN "≡Df"]
2914    by (AOT_subst φ{α} ¬¬φ{α} for: α)
2915qed
2916lemmas "BF◇" = "BFs:3"
2917
2918AOT_theorem "BFs:4": α φ{α}  α φ{α}
2919proof(rule "→I")
2920  AOT_assume α φ{α}
2921  AOT_hence ¬α ¬φ{α}
2922    using "conventions:4"[THEN "≡dfE"] by blast
2923  AOT_hence ¬α ¬φ{α}
2924    using "KBasic2:1"
2925    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
2926  moreover AOT_have α ¬φ{α}  α ¬φ{α}
2927    using "≡I" "BF" "CBF" by metis
2928  ultimately AOT_have 1: ¬α ¬φ{α}
2929    using "≡E"(3) by blast
2930  AOT_show α φ{α}
2931    apply (rule "conventions:5"[THEN "≡dfI"])
2932    apply (AOT_subst α φ{α} ¬α ¬φ{α})
2933     apply (simp add: "conventions:4" "≡Df")
2934    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
2935    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
2936qed
2937lemmas "CBF◇" = "BFs:4"
2938
2939AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
2940proof(rule "→I")
2941  AOT_assume α φ{α}
2942  then AOT_obtain α where φ{α} using "∃E" by metis
2943  moreover AOT_have α
2944    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
2945  moreover AOT_have φ{τ}, τ  α φ{α} for τ
2946  proof -
2947    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
2948    AOT_thus φ{τ}, τ  α φ{α}
2949      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
2950  qed
2951  ultimately AOT_show α φ{α} by blast
2952qed
2953lemmas Buridan = "sign-S5-thm:1"
2954
2955AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
2956proof -
2957  AOT_have α (α φ{α}  φ{α})
2958    by (simp add: "RM◇" "cqt-orig:3" "∀I")
2959  AOT_thus α φ{α}  α φ{α}
2960    using "∀E"(4) "∀I" "→E" "→I" by metis
2961qed
2962lemmas "Buridan◇" = "sign-S5-thm:2"
2963
2964AOT_theorem "sign-S5-thm:3": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
2965  apply (rule "RM:2")
2966  by (metis (no_types, lifting) "instantiation" "&I" "&E"(1)
2967                                "&E"(2) "deduction-theorem" "existential:2[const_var]")
2968
2969AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
2970  apply (rule "RM:2")
2971  by (meson "instantiation" "&E"(1) "deduction-theorem" "existential:2[const_var]")
2972
2973AOT_theorem "sign-S5-thm:5": (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
2974proof -
2975  {
2976    fix φ' ψ' χ'
2977    AOT_assume  φ' & ψ'  χ'
2978    AOT_hence φ' & ψ'  χ'
2979      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2980      using "&E" "&I" "→E" "→I" by metis
2981  } note R = this
2982  show ?thesis by (rule R; fact AOT)
2983qed
2984
2985AOT_theorem "sign-S5-thm:6": (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
2986proof -
2987  {
2988    fix φ' ψ' χ'
2989    AOT_assume  φ' & ψ'  χ'
2990    AOT_hence φ' & ψ'  χ'
2991      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
2992      using "&E" "&I" "→E" "→I" by metis
2993  } note R = this
2994  show ?thesis by (rule R; fact AOT)
2995qed
2996
2997AOT_theorem "exist-nec2:1": τ  τ
2998  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
2999
3000AOT_theorem "exists-nec2:2": τ  τ
3001  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec" "exist-nec2:1" "≡I" "nec-imp-act")
3002
3003AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3004  using "KBasic2:1" "deduction-theorem" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3005
3006AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3007  by (metis "Act-Sub:3" "KBasic:12" "deduction-theorem" "exist-nec" "exists-nec2:3" "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3008
3009AOT_theorem "id-nec2:1": α = β  α = β
3010  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3011
3012AOT_theorem "id-nec2:2": α  β  α  β
3013  apply (AOT_subst α  β ¬(α = β))
3014  using "=-infix"[THEN "≡Df"] apply blast
3015  using "KBasic2:1" "deduction-theorem" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3016
3017AOT_theorem "id-nec2:3": α  β  α  β
3018  apply (AOT_subst α  β ¬(α = β))
3019  using "=-infix"[THEN "≡Df"] apply blast
3020  by (metis "KBasic:11" "deduction-theorem" "id-nec:2" "≡E"(3) "reductio-aa:2" "vdash-properties:6")
3021
3022AOT_theorem "id-nec2:4": α = β  α = β
3023  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3024
3025AOT_theorem "id-nec2:5": α  β  α  β
3026  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3027
3028AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3029  apply (rule "≡I"; rule "→I")
3030  using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:10" apply blast
3031  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2) "raa-cor:5" "vdash-properties:6")
3032
3033AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3034  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "deduction-theorem" "≡I" "nec-imp-act" "raa-cor:2" "vdash-properties:10")
3035
3036AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3037proof (rule "→I"; rule "≡I"; rule "→I")
3038  AOT_assume (φ  φ)
3039  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3040  moreover AOT_assume ¬φ
3041  ultimately AOT_have ¬φ
3042    using "modus-tollens:1" by blast
3043  AOT_thus ¬φ
3044    using "KBasic2:1" "≡E"(2) by blast
3045next
3046  AOT_assume (φ  φ)
3047  moreover AOT_assume ¬φ
3048  ultimately AOT_show ¬φ
3049    using "modus-tollens:1" "qml:2" "vdash-properties:10" "vdash-properties:1[2]" by blast
3050qed
3051
3052AOT_theorem "sc-eq-box-box:4": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3053proof(rule "→I"; rule "→I")
3054  AOT_assume θ: (φ  φ) & (ψ  ψ)
3055  AOT_assume ξ: φ  ψ
3056  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3057    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3058  moreover {
3059    AOT_assume φ & ψ
3060    AOT_hence (φ  ψ)
3061      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3062  }
3063  moreover {
3064    AOT_assume ¬φ & ¬ψ
3065    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3066      using θ "Conjunction Simplification"(1) "Conjunction Simplification"(2) "sc-eq-box-box:3" "vdash-properties:10" by metis+
3067    ultimately AOT_have ¬φ & ¬ψ
3068      by (metis "&I" "Conjunction Simplification"(1) "Conjunction Simplification"(2) "≡E"(4) "modus-tollens:1" "raa-cor:3")
3069    AOT_hence (φ  ψ)
3070      using "KBasic:3" "KBasic:9" "≡E"(2) "vdash-properties:10" by blast
3071  }
3072  ultimately AOT_show (φ  ψ)
3073    using "∨E"(2) "reductio-aa:1" by blast
3074qed
3075
3076AOT_theorem "sc-eq-box-box:5": ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3077proof (rule "→I")
3078  AOT_assume ((φ  φ) & (ψ  ψ))
3079  AOT_hence ((φ  φ) & (ψ  ψ))
3080    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3081  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3082  proof (rule RM; rule "→I"; rule "→I")
3083    AOT_modally_strict {
3084      AOT_assume A: ((φ  φ) & (ψ  ψ))
3085      AOT_hence φ  φ and ψ  ψ
3086        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3087      moreover AOT_assume φ  ψ
3088      ultimately AOT_have φ  ψ
3089        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3090      moreover AOT_have (φ  ψ)  (φ  ψ)
3091        using A "sc-eq-box-box:4" "→E" by blast
3092      ultimately AOT_show (φ  ψ) using "→E" by blast
3093    }
3094  qed
3095  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3096qed
3097
3098AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3099proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3100  AOT_assume ¬(φ  ψ)
3101  AOT_hence ¬(φ  ψ) by (metis "KBasic:11" "≡E"(1))
3102  AOT_hence (φ & ¬ψ)
3103    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3104       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3105  AOT_hence φ and 2: ¬ψ using "KBasic2:3"[THEN "→E"] "&E" by blast+
3106  moreover AOT_assume (φ  φ)
3107  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3108  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3109  moreover AOT_assume φ  ψ
3110  ultimately AOT_have ψ using "→E" by blast
3111  moreover AOT_have ¬ψ using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3112  ultimately AOT_show ψ & ¬ψ using "&I" by blast
3113qed
3114
3115AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3116proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3117  AOT_assume ¬𝒜(φ  ψ)
3118  AOT_hence 𝒜¬(φ  ψ) by (metis "Act-Basic:1" "∨E"(2))
3119  AOT_hence 𝒜(φ & ¬ψ)
3120    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3121       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3122  AOT_hence 𝒜φ and 2: 𝒜¬ψ using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3123  AOT_hence φ by (metis "Act-Sub:3" "→E")
3124  moreover AOT_assume (φ  φ)
3125  ultimately AOT_have φ by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3126  AOT_hence φ using "qml:2"[axiom_inst, THEN "→E"] by blast
3127  moreover AOT_assume φ  𝒜ψ
3128  ultimately AOT_have 𝒜ψ using "→E" by blast
3129  moreover AOT_have ¬𝒜ψ using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3130  ultimately AOT_show 𝒜ψ & ¬𝒜ψ using "&I" by blast
3131qed
3132
3133AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3134  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3135
3136AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3137  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism" "deduction-theorem" "≡I" "nec-imp-act")
3138
3139AOT_theorem "sc-eq-fur:3": x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3140proof (rule "→I"; rule "→I")
3141  AOT_assume x (φ{x}  φ{x})
3142  AOT_hence A: x (φ{x}  φ{x}) using CBF "→E" by blast
3143  AOT_assume ∃!x φ{x}
3144  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3145    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3146  moreover AOT_have φ{a} using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3147  AOT_hence 𝒜φ{a} using "nec-imp-act" "vdash-properties:6" by blast
3148  moreover AOT_have y (𝒜φ{y}  y = a)
3149  proof (rule "∀I"; rule "→I")
3150    fix b
3151    AOT_assume 𝒜φ{b}
3152    AOT_hence φ{b}
3153      using "Act-Sub:3" "vdash-properties:6" by blast
3154    moreover {
3155      AOT_have (φ{b}  φ{b})
3156        using A "∀E"(2) by blast
3157      AOT_hence φ{b}  φ{b}
3158        using "KBasic:13" "5◇" "Hypothetical Syllogism" "vdash-properties:6" by blast
3159    }
3160    ultimately AOT_have φ{b} using "→E" by blast
3161    AOT_hence φ{b} using "qml:2"[axiom_inst] "→E" by blast
3162    AOT_thus b = a
3163      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3164  qed
3165  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3166    using "&I" by blast
3167  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x)) using "∃I" by fast
3168  AOT_hence ∃!x 𝒜φ{x} using "uniqueness:1"[THEN "≡dfI"] by fast
3169  AOT_thus ιx φ{x}
3170    using "actual-desc:1"[THEN "≡E"(2)] by blast
3171qed
3172
3173AOT_theorem "sc-eq-fur:4": x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3174proof (rule "→I")
3175  AOT_assume x (φ{x}  φ{x})
3176  AOT_hence x (φ{x}  φ{x}) using CBF "→E" by blast
3177  AOT_hence A: 𝒜φ{α}  φ{α} for α using "sc-eq-fur:2" "∀E" "→E" by fast
3178  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3179  proof (rule "≡I"; rule "→I")
3180    AOT_assume x = ιx φ{x}
3181    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3182      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3183    AOT_show φ{x} & z (φ{z}  z = x)
3184    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3185      AOT_show φ{x} using A B[THEN "&E"(1)] "≡E"(1) by blast
3186    next
3187      AOT_show z = x if φ{z} for z
3188        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3189    qed
3190  next
3191    AOT_assume B: φ{x} & z (φ{z}  z = x)
3192    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3193    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3194      AOT_show 𝒜φ{x} using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3195    next
3196      AOT_show b = x if 𝒜φ{b} for b
3197        using that A[THEN "≡E"(1)] B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3198    qed
3199    AOT_thus x = ιx φ{x}
3200      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3201  qed
3202qed
3203
3204AOT_theorem "id-act:1": α = β  𝒜α = β
3205  by (meson "Act-Sub:3" "Hypothetical Syllogism" "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3206
3207AOT_theorem "id-act:2": α  β  𝒜α  β
3208proof (AOT_subst α  β ¬(α = β))
3209  AOT_modally_strict {
3210    AOT_show α  β  ¬(α = β)
3211      by (simp add: "=-infix" "≡Df")
3212  }
3213next
3214  AOT_show ¬(α = β)  𝒜¬(α = β)
3215  proof (safe intro!: "≡I" "→I")
3216    AOT_assume ¬α = β
3217    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3218    AOT_thus 𝒜¬α = β
3219      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3220  next
3221    AOT_assume 𝒜¬α = β
3222    AOT_hence ¬𝒜α = β
3223      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3224    AOT_thus ¬α = β
3225      using "id-act:1" "≡E"(4) by blast
3226  qed
3227qed
3228
3229AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3230proof -
3231  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3232    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3233       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3234  also AOT_have   α 𝒜β (φ{β}  β = α)
3235    by (simp add: "Act-Basic:10")
3236  also AOT_have   αβ 𝒜(φ{β}  β = α)
3237    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3238       (auto simp: "logic-actual-nec:3" "vdash-properties:1[2]" "oth-class-taut:3:a")
3239  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3240    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α  𝒜(φ{β}  β = α) for: α β :: 'a)
3241       (auto simp: "Act-Basic:5" "cqt-further:7")
3242  also AOT_have   αβ (𝒜φ{β}  β = α)
3243    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3244       (auto simp: "id-act:1" "cqt-further:7")
3245  also AOT_have ...  ∃!α 𝒜φ{α}
3246    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3247  finally show ?thesis .
3248qed
3249
3250AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3251  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3252     (auto simp: "actual-desc:1" "A-Exists:1")
3253
3254AOT_theorem "id-act-desc:1": ιx (x = y)
3255proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3256  AOT_show x E!x  E!x]ιx (x = y)
3257  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)]; rule "∃I"; (rule "&I")+)
3258    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3259  next
3260    AOT_show z (𝒜z = y  z = y)
3261      apply (rule "∀I")
3262      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3263  next
3264    AOT_show x E!x  E!x]y
3265    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3266      AOT_show x E!x  E!x]
3267        by "cqt:2[lambda]"
3268    next
3269      AOT_show E!y  E!y 
3270        by (simp add: "if-p-then-p")
3271    qed
3272  qed
3273next
3274  AOT_show x E!x  E!x]
3275    by "cqt:2[lambda]"
3276qed
3277
3278AOT_theorem "id-act-desc:2": y = ιx (x = y)
3279  by (rule descriptions[axiom_inst, THEN "≡E"(2)]; rule "∀I"; rule "id-act:1"[symmetric])
3280
3281AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3282  by (simp add: encoding "vdash-properties:1[2]")
3283
3284AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3285proof (rule "→I")
3286  AOT_assume x1x2[F]
3287  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3288    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3289  moreover AOT_have y [F]yx2] by "cqt:2[lambda]"
3290  moreover AOT_have y [F]x1y] by "cqt:2[lambda]"
3291  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3292    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3293  note A = this
3294  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3295    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3296  AOT_thus x1x2[F]
3297    by (rule "nary-encoding[2]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3298qed
3299
3300AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3301proof (rule "→I")
3302  AOT_assume x1x2x3[F]
3303  AOT_hence x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3304    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3305  moreover AOT_have y [F]yx2x3] by "cqt:2[lambda]"
3306  moreover AOT_have y [F]x1yx3] by "cqt:2[lambda]"
3307  moreover AOT_have y [F]x1x2y] by "cqt:2[lambda]"
3308  ultimately AOT_have x1y [F]yx2x3] and x2y [F]x1yx3] and x3y [F]x1x2y]
3309    using encoding[axiom_inst, unvarify F] "→E" by blast+
3310  note A = this
3311  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3312    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3313  AOT_thus x1x2x3[F]
3314    by (rule "nary-encoding[3]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3315qed
3316
3317AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3318proof (rule "→I")
3319  AOT_assume x1x2x3x4[F]
3320  AOT_hence x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and  x4y [F]x1x2x3y]
3321    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3322  moreover AOT_have y [F]yx2x3x4] by "cqt:2[lambda]"
3323  moreover AOT_have y [F]x1yx3x4] by "cqt:2[lambda]"
3324  moreover AOT_have y [F]x1x2yx4] by "cqt:2[lambda]"
3325  moreover AOT_have y [F]x1x2x3y] by "cqt:2[lambda]"
3326  ultimately AOT_have x1y [F]yx2x3x4] and x2y [F]x1yx3x4] and x3y [F]x1x2yx4] and x4y [F]x1x2x3y]
3327    using "→E" encoding[axiom_inst, unvarify F] by blast+
3328  note A = this
3329  AOT_have B: (x1y [F]yx2x3x4] & x2y [F]x1yx3x4] & x3y [F]x1x2yx4] & x4y [F]x1x2x3y])
3330    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3331  AOT_thus x1x2x3x4[F]
3332    by (rule "nary-encoding[4]"[axiom_inst, THEN RN, THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3333qed
3334
3335AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3336proof (rule "→I"; rule "raa-cor:1")
3337  AOT_assume ¬¬x1[F]
3338  AOT_hence x1[F]
3339    by (rule "conventions:5"[THEN "≡dfI"])
3340  AOT_hence x1[F]
3341    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3342  moreover AOT_assume ¬x1[F]
3343  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3344qed
3345AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
3346proof (rule "→I"; rule "raa-cor:1")
3347  AOT_assume ¬¬x1x2[F]
3348  AOT_hence x1x2[F]
3349    by (rule "conventions:5"[THEN "≡dfI"])
3350  AOT_hence x1x2[F]
3351    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3352  moreover AOT_assume ¬x1x2[F]
3353  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
3354qed
3355
3356AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3357proof (rule "→I"; rule "raa-cor:1")
3358  AOT_assume ¬¬x1x2x3[F]
3359  AOT_hence x1x2x3[F]
3360    by (rule "conventions:5"[THEN "≡dfI"])
3361  AOT_hence x1x2x3[F]
3362    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3363  moreover AOT_assume ¬x1x2x3[F]
3364  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
3365qed
3366
3367AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3368proof (rule "→I"; rule "raa-cor:1")
3369  AOT_assume ¬¬x1x2x3x4[F]
3370  AOT_hence x1x2x3x4[F]
3371    by (rule "conventions:5"[THEN "≡dfI"])
3372  AOT_hence x1x2x3x4[F]
3373    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN], THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3374  moreover AOT_assume ¬x1x2x3x4[F]
3375  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
3376qed
3377
3378AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
3379  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3380AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
3381  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
3382AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3383  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3384AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3385  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
3386
3387AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
3388  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
3389AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
3390  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
3391AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
3392  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
3393AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
3394  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
3395
3396AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
3397  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[1]"] "≡I" by blast
3398AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
3399  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[2]"] "≡I" by blast
3400AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
3401  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[3]"] "≡I" by blast
3402AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
3403  using "T◇" "derived-S5-rules:2"[where Γ="{}", OF "pre-en-eq:1[4]"] "≡I" by blast
3404
3405AOT_theorem "en-eq:4[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3406  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3407  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
3408AOT_theorem "en-eq:4[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3409  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3410  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
3411AOT_theorem "en-eq:4[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3412  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3413  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
3414AOT_theorem "en-eq:4[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3415  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
3416  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
3417
3418AOT_theorem "en-eq:5[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3419  apply (rule "≡I"; rule "→I")
3420  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3421  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3422        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]] by blast
3423AOT_theorem "en-eq:5[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3424  apply (rule "≡I"; rule "→I")
3425  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3426  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3427        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]] by blast
3428AOT_theorem "en-eq:5[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3429  apply (rule "≡I"; rule "→I")
3430  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3431  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3432        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]] by blast
3433AOT_theorem "en-eq:5[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3434  apply (rule "≡I"; rule "→I")
3435  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"] apply blast
3436  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
3437        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]] by blast
3438
3439AOT_theorem "en-eq:6[1]": (x1[F]  y1[G])  (x1[F]  y1[G])
3440  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
3441AOT_theorem "en-eq:6[2]": (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
3442  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
3443AOT_theorem "en-eq:6[3]": (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
3444  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
3445AOT_theorem "en-eq:6[4]": (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
3446  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
3447
3448AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
3449  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
3450AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
3451  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
3452AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3453  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
3454AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3455  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
3456
3457AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
3458  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3459AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
3460  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3461AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3462  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3463AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3464  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "KBasic:11" "≡E"(5)[symmetric] by blast
3465
3466AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
3467  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
3468AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
3469  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
3470AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
3471  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
3472AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
3473  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
3474
3475AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
3476  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
3477AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
3478  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
3479AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
3480  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
3481AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
3482  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1) "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
3483
3484AOT_theorem "oa-facts:1": O!x  O!x
3485proof(rule "→I")
3486  AOT_modally_strict {
3487    AOT_have x E!x]x  E!x
3488      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3489  } note θ = this
3490  AOT_assume O!x
3491  AOT_hence x E!x]x
3492    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3493  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
3494  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
3495  AOT_hence x E!x]x
3496    by (AOT_subst x E!x]x E!x)
3497       (auto simp: θ)
3498  AOT_thus O!x
3499    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2[lambda]"
3500qed
3501
3502AOT_theorem "oa-facts:2": A!x  A!x
3503proof(rule "→I")
3504  AOT_modally_strict {
3505    AOT_have x ¬E!x]x  ¬E!x
3506      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2[lambda]"
3507  } note θ = this
3508  AOT_assume A!x
3509  AOT_hence x ¬E!x]x
3510    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3511  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
3512  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
3513  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
3514  AOT_hence ¬E!x
3515    using "KBasic2:1"
3516    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
3517  AOT_hence x ¬E!x]x
3518    by (AOT_subst x ¬E!x]x ¬E!x)
3519       (auto simp: θ)
3520  AOT_thus A!x
3521    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
3522qed
3523
3524AOT_theorem "oa-facts:3": O!x  O!x
3525  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3526AOT_theorem "oa-facts:4": A!x  A!x
3527  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
3528
3529AOT_theorem "oa-facts:5": O!x  O!x
3530  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3531
3532AOT_theorem "oa-facts:6": A!x  A!x
3533  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3534
3535AOT_theorem "oa-facts:7": O!x  𝒜O!x
3536  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:1" "oa-facts:3")
3537
3538AOT_theorem "oa-facts:8": A!x  𝒜A!x
3539  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act" "oa-facts:2" "oa-facts:4")
3540
3541AOT_theorem "beta-C-meta": μ1...μn φ{μ1...μn, ν1...νn}]  (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3542  using "lambda-predicates:2"[axiom_inst] by blast
3543
3544AOT_theorem "beta-C-cor:1": (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}]))  ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
3545  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
3546  using "beta-C-meta" "∀I" by fast
3547
3548AOT_theorem "beta-C-cor:2": μ1...μn φ{μ1...μn}]  ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
3549  apply (rule "→I"; rule "∀I")
3550  using "beta-C-meta"[THEN "→E"] by fast
3551
3552(* TODO: syntax + double-check if this is really a faithful representation *)
3553theorem "beta-C-cor:3": assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
3554  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn,μ1...μn}]ν1...νn  φ{ν1...νn,ν1...νn})]
3555  using "cqt:2[lambda]"[axiom_inst, OF assms] "beta-C-cor:1"[THEN "→E"] "∀I" by fast
3556
3557AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
3558proof -
3559  AOT_modally_strict {
3560    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
3561    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
3562      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
3563    ultimately AOT_show φ{κ1...κn}
3564      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
3565  }
3566qed
3567
3568AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
3569  using "betaC:1:a" "raa-cor:3" by blast
3570
3571lemmas "β→C" = "betaC:1:a" "betaC:1:b"
3572
3573AOT_theorem "betaC:2:a": μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3574proof -
3575  AOT_modally_strict {
3576    AOT_assume 1: μ1...μn φ{μ1...μn}] and 2: κ1...κn and 3: φ{κ1...κn}
3577    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
3578      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)] by blast
3579  }
3580  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn}  μ1...μn φ{μ1...μn}]κ1...κn
3581    by blast
3582qed
3583
3584AOT_theorem "betaC:2:b": μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn  ¬φ{κ1...κn}
3585  using "betaC:2:a" "raa-cor:3" by blast
3586
3587lemmas "β←C" = "betaC:2:a" "betaC:2:b"
3588
3589AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
3590  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
3591
3592AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
3593  using "eta-conversion-lemma1:1". (* TODO: spurious in the embedding *)
3594
3595(* match (τ) in "λa . ?b" ⇒ ‹match (τ') in "λa . ?b" ⇒ ‹fail›› ¦ _ ⇒ ‹ *)
3596
3597text‹Note: not explicitly part of PLM.›
3598AOT_theorem id_sym: assumes τ = τ' shows τ' = τ
3599  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
3600        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
3601declare id_sym[sym]
3602
3603text‹Note: not explicitly part of PLM.›
3604AOT_theorem id_trans: assumes τ = τ' and τ' = τ'' shows τ = τ''
3605  using "rule=E" assms by blast
3606declare id_trans[trans]
3607
3608method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> = (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  3609rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"[THEN "→E", of v "«[Π]»", symmetric]]
3610)
3611(*
3612AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
3613  apply ("ηC" "«[P]»") defer
3614   apply ("ηC" "«[S]»") defer
3615  oops
3616*)
3617(* TODO: proper representation of eta_conversion_lemma2 *)
3618
3619AOT_theorem "sub-des-lam:1": z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}  z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3620proof(rule "→I")
3621  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
3622  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
3623    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, τ}]»",
3624               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
3625    by blast
3626qed
3627
3628AOT_theorem "sub-des-lam:2": ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
3629  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»", OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
3630
3631AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
3632proof(rule "≡I"; rule "→I")
3633  AOT_assume F = G
3634  AOT_thus x (x[F]  x[G])
3635    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
3636next
3637  AOT_assume x (x[F]  x[G])
3638  AOT_hence x[F]  x[G] for x using "∀E" by blast
3639  AOT_hence (x[F]  x[G]) for x using "en-eq:6[1]"[THEN "≡E"(1)] by blast
3640  AOT_hence x (x[F]  x[G]) by (rule GEN)
3641  AOT_hence x (x[F]  x[G]) using BF[THEN "→E"] by fast
3642  AOT_thus "F = G" using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
3643qed
3644
3645AOT_theorem "relations:1":
3646  assumes INSTANCE_OF_CQT_2(φ)
3647  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
3648  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
3649  using "cqt:2[lambda]"[OF assms, axiom_inst] "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
3650
3651AOT_theorem "relations:2":
3652  assumes INSTANCE_OF_CQT_2(φ)
3653  shows F x ([F]x  φ{x})
3654  using "relations:1" assms by blast
3655
3656AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
3657proof(rule RAA(2))
3658  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
3659  AOT_assume A: x « x»]
3660  AOT_have x (A!x & F (x[F]  F = x « x»]))
3661    using "A-objects"[axiom_inst] by fast
3662  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
3663    using "∃E"[rotated] by blast
3664  AOT_show ¬x G (x[G] & ¬[G]x)]
3665  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3666    AOT_assume B: x « x»]a
3667    AOT_hence G (a[G] & ¬[G]a) using "β→C" A by blast
3668    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3669    moreover AOT_have P = x « x»]
3670      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3671    ultimately AOT_have ¬x « x»]a
3672      using "rule=E" "&E"(2) by fast
3673    AOT_thus ¬x G (x[G] & ¬[G]x)] using B RAA by blast
3674  next
3675    AOT_assume B: ¬x « x»]a
3676    AOT_hence ¬G (a[G] & ¬[G]a) using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
3677    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3678    AOT_have G (a[G]  [G]a)
3679      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3680         (auto simp: "oth-class-taut:1:a" C)
3681    AOT_hence ax « x»]  x « x»]a using "∀E" A by blast
3682    moreover AOT_have ax « x»] using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
3683      using "=I"(1)[OF A] by blast
3684    ultimately AOT_show ¬x G (x[G] & ¬[G]x)] using B "→E" RAA by blast
3685  qed
3686qed(simp)
3687
3688AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
3689proof(rule RAA(2))
3690  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
3691  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x)) using "∃E"[rotated] by blast
3692  AOT_have x (A!x & G (x[G]  G = F))
3693    using "A-objects"[axiom_inst] by fast
3694  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
3695    using "∃E"[rotated] by blast
3696  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
3697  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3698    AOT_assume B: [F]a
3699    AOT_hence G (a[G] & ¬[G]a) using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
3700    then AOT_obtain P where a[P] & ¬[P]a using "∃E"[rotated] by blast
3701    moreover AOT_have P = F
3702      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)] calculation[THEN "&E"(1)] by blast
3703    ultimately AOT_have ¬[F]a
3704      using "rule=E" "&E"(2) by fast
3705    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x)) using B RAA by blast
3706  next
3707    AOT_assume B: ¬[F]a
3708    AOT_hence ¬G (a[G] & ¬[G]a)
3709      using "oth-class-taut:4:b"[THEN "≡E"(1), OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)] by simp
3710    AOT_hence C: G ¬(a[G] & ¬[G]a) using "cqt-further:4"[THEN "→E"] by blast
3711    AOT_have G (a[G]  [G]a)
3712      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
3713         (auto simp: "oth-class-taut:1:a" C)
3714    AOT_hence a[F]  [F]a using "∀E" by blast
3715    moreover AOT_have a[F] using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
3716      using "=I"(2) by blast
3717    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x)) using B "→E" RAA by blast
3718  qed
3719qed(simp)
3720
3721AOT_theorem "block-paradox:3": ¬y z z = y]
3722proof(rule RAA(2))
3723  AOT_assume θ: y z z = y]
3724  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
3725    using "A-objects"[axiom_inst] by force
3726  then AOT_obtain a where a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
3727    using "∃E"[rotated] by blast
3728  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
3729    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
3730  AOT_show ¬y z z = y]
3731  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3732    AOT_assume A: az z = a]
3733    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
3734      using ζ[THEN "≡E"(1)] by blast
3735    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
3736      using "∃E"[rotated] by blast
3737    moreover AOT_have a = a by (rule "=I")
3738    moreover AOT_have z z = a] using θ "∀E" by blast
3739    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
3740    ultimately AOT_have z z = a]a using "β←C" by blast
3741    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
3742    AOT_hence a = b using "β→C" by blast
3743    AOT_hence bz z = a] using A "rule=E" by fast
3744    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
3745  next
3746    AOT_assume A: ¬az z = a]
3747    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
3748      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3749    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
3750      using "cqt-further:4"[THEN "→E"] by blast
3751    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
3752      using "∀E" by blast
3753    AOT_hence z z = a] = z z = a]  az z = a]
3754      by (metis "&I" "deduction-theorem" "raa-cor:4")
3755    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
3756    AOT_thus ¬y z z = y] using A RAA by blast
3757  qed
3758qed(simp)
3759
3760AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
3761proof(rule RAA(2))
3762  AOT_assume θ: y F x([F]x  x = y)
3763  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
3764    using "A-objects"[axiom_inst] by force
3765  then AOT_obtain a where a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
3766    using "∃E"[rotated] by blast
3767  AOT_obtain F where F_prop: x ([F]x  x = a) using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
3768  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
3769    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
3770  AOT_show ¬y F x([F]x  x = y)
3771  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
3772    AOT_assume A: a[F]
3773    AOT_hence z (y ([F]y  y = z) & ¬z[F])
3774      using ζ[THEN "≡E"(1)] by blast
3775    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
3776      using "∃E"[rotated] by blast
3777    moreover AOT_have [F]a using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
3778    ultimately AOT_have a = b using "∀E"(2) "≡E"(1) "&E" by fast
3779    AOT_hence a = b using "β→C" by blast
3780    AOT_hence b[F] using A "rule=E" by fast
3781    AOT_thus ¬y F x([F]x  x = y) using b_prop[THEN "&E"(2)] RAA by blast
3782  next
3783    AOT_assume A: ¬a[F]
3784    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
3785      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
3786    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
3787      using "cqt-further:4"[THEN "→E"] by blast
3788    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
3789      using "∀E" by blast
3790    AOT_hence y ([F]y  y = a)  a[F]
3791      by (metis "&I" "deduction-theorem" "raa-cor:4")
3792    AOT_hence a[F] using F_prop "→E" by blast
3793    AOT_thus ¬y F x([F]x  x = y) using A RAA by blast
3794  qed
3795qed(simp)
3796
3797AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
3798proof(rule "raa-cor:2")
3799  AOT_assume Fxy([F]xy  y = x)
3800  then AOT_obtain F where F_prop: xy([F]xy  y = x) using "∃E"[rotated] by blast
3801  {
3802    fix x
3803    AOT_have 1: y([F]xy  y = x) using F_prop "∀E" by blast
3804    AOT_have 2: z [F]xz] by "cqt:2[lambda]"
3805    moreover AOT_have y(z [F]xz]y  y = x)
3806    proof(rule "∀I")
3807      fix y
3808      AOT_have z [F]xz]y  [F]xy
3809        using "beta-C-meta"[THEN "→E"] 2 by fast
3810      also AOT_have ...  y = x using 1 "∀E"
3811        by fast
3812      finally AOT_show z [F]xz]y  y = x.
3813    qed
3814    ultimately AOT_have Fy([F]y  y = x)
3815      using "∃I" by fast
3816  }
3817  AOT_hence xFy([F]y  y = x)
3818    by (rule GEN)
3819  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
3820    using "&I" "block-paradox:4" by blast
3821qed
3822
3823AOT_act_theorem "block-paradox2:1": x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3824proof(rule "→I"; rule "raa-cor:2")
3825  AOT_assume antecedant: x [G]x
3826  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
3827  proof(rule GEN)
3828    fix x
3829    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x))  ∃!y (y = x & H (x[H] & ¬[H]x))
3830    proof(rule "≡I"; rule "→I")
3831      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
3832      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
3833        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
3834      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
3835        using "1-exists:1"[THEN "≡E"(1)] by blast
3836    next
3837      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3838      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x) and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
3839        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3840      AOT_have a_3: [G]a
3841        using antecedant "∀E" by blast
3842      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
3843        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
3844        apply (rule "∃I"(2))
3845        using a_1 a_2 a_3 "&I" by blast
3846    qed
3847    also AOT_have B: ...  H (x[H] & ¬[H]x)
3848    proof (rule "≡I"; rule "→I")
3849      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
3850      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
3851        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
3852      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
3853    next
3854      AOT_assume H (x[H] & ¬[H]x)
3855      AOT_hence x = x & H (x[H] & ¬[H]x)
3856        using "id-eq:1" "&I" by blast
3857      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
3858        by (simp add: "Conjunction Simplification"(1) "universal-cor")
3859      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
3860        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
3861    qed
3862    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
3863  qed
3864
3865  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3866  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  [G]ιy(y = x & H (x[H] & ¬[H]x)))
3867    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
3868  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
3869    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
3870  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
3871    using "∃I"(1) A by fast
3872  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) & (¬F x ([F]x  H (x[H] & ¬[H]x)))
3873    using "block-paradox:2" "&I" by blast
3874qed
3875
3876AOT_act_theorem "block-paradox2:2": G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
3877proof(rule "∃I"(1))
3878  AOT_have 0: x p (p p)]
3879    by "cqt:2[lambda]"
3880  moreover AOT_have x x p (p p)]x
3881    apply (rule GEN)
3882    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
3883    using "if-p-then-p" GEN by fast
3884  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
3885      using "block-paradox2:1" "∀I" by fast
3886  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
3887    using "∀E"(1) "→E" by blast
3888qed("cqt:2[lambda]")
3889
3890AOT_theorem propositions: p (p  φ)
3891proof(rule "∃I"(1))
3892  AOT_show (φ  φ)
3893    by (simp add: RN "oth-class-taut:3:a")
3894next
3895  AOT_show φ
3896    by (simp add: "log-prop-prop:2")
3897qed
3898
3899AOT_theorem "pos-not-equiv-ne:1": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3900proof (rule "→I")
3901  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3902  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
3903    using "KBasic:11"[THEN "≡E"(2)] by blast
3904  AOT_hence ¬(F = G)
3905    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
3906  AOT_thus F  G
3907    using "=-infix"[THEN "≡dfI"] by blast
3908qed
3909
3910AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
3911proof (rule "→I")
3912  AOT_modally_strict {
3913    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
3914    proof (rule "→I"; rule "raa-cor:2")
3915      AOT_assume 1: F = G
3916      AOT_hence φ{F}  φ{G} using "l-identity"[axiom_inst, THEN "→E"] by blast
3917      moreover {
3918        AOT_have G = F using 1 id_sym by blast
3919        AOT_hence φ{G}  φ{F} using "l-identity"[axiom_inst, THEN "→E"] by blast
3920      }
3921      ultimately AOT_have φ{F}  φ{G} using "≡I" by blast
3922      moreover AOT_assume ¬(φ{F}  φ{G})
3923      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
3924        using "&I" by blast
3925    qed
3926  }
3927  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
3928    using "RM:2[prem]" by blast
3929  moreover AOT_assume ¬(φ{F}  φ{G})
3930  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
3931  AOT_have (F  G)
3932    by (AOT_subst F  G ¬(F = G))
3933       (auto simp: "=-infix" "≡Df" 0)
3934  AOT_thus F  G
3935    using "id-nec2:3"[THEN "→E"] by blast
3936qed
3937
3938AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
3939proof (rule "→I")
3940  AOT_modally_strict {
3941    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
3942    proof (rule "→I"; rule "raa-cor:2")
3943      AOT_assume 1: p = q
3944      AOT_hence φ{p}  φ{q} using "l-identity"[axiom_inst, THEN "→E"] by blast
3945      moreover {
3946        AOT_have q = p using 1 id_sym by blast
3947        AOT_hence φ{q}  φ{p} using "l-identity"[axiom_inst, THEN "→E"] by blast
3948      }
3949      ultimately AOT_have φ{p}  φ{q} using "≡I" by blast
3950      moreover AOT_assume ¬(φ{p}  φ{q})
3951      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
3952        using "&I" by blast
3953    qed
3954  }
3955  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
3956    using "RM:2[prem]" by blast
3957  moreover AOT_assume ¬(φ{p}  φ{q})
3958  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
3959  AOT_have (p  q)
3960    by (AOT_subst p  q ¬(p = q))
3961       (auto simp: 0 "=-infix" "≡Df")
3962  AOT_thus p  q
3963    using "id-nec2:3"[THEN "→E"] by blast
3964qed
3965
3966AOT_theorem "pos-not-equiv-ne:3": (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
3967  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
3968
3969AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
3970  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
3971
3972AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
3973  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"] "T◇"[THEN "→E"] by blast
3974
3975AOT_define relation_negation ::  Π" ("_-")
3976  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
3977
3978nonterminal φneg
3979syntax "" :: "φneg  τ" ("_")
3980syntax "" :: "φneg  φ" ("'(_')")
3981
3982AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
3983  "df-relation-negation[zero]": "(p)- =df  ¬p]"
3984
3985AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
3986  by "cqt:2[lambda]"
3987
3988AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
3989  using "cqt:2[lambda0]"[axiom_inst] by blast
3990
3991AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
3992  using "=I"(1)[OF "rel-neg-T:1"]
3993  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
3994
3995AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
3996  using "=I"(1)[OF "rel-neg-T:1[zero]"]
3997  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
3998
3999AOT_theorem "rel-neg-T:3": [Π]-
4000  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"] "rel-neg-T:1" by blast
4001
4002AOT_theorem "rel-neg-T:3[zero]": (φ)-
4003  using "log-prop-prop:2" by blast
4004(*  using "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"] "rel-neg-T:1[zero]" by blast *)
4005
4006(* Note: PLM states the zero place case twice *)
4007AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4008proof -
4009  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4010    using "rule=E"[rotated, OF "rel-neg-T:2"] "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4011    "→I" "≡I" by fast
4012  also AOT_have ...  ¬[F]x1...xn
4013    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4014  finally show ?thesis.
4015qed
4016
4017AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4018  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4019   apply (simp add: "oth-class-taut:3:b")
4020  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4021  using "thm-relation-negation:1".
4022
4023AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4024proof -
4025  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4026  AOT_hence ((p)-)   ¬p]
4027    using "df-relation-negation[zero]" "log-prop-prop:2" "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4028  also AOT_have  ¬p]  ¬p
4029    by (simp add: "propositions-lemma:2")
4030  finally show ?thesis.
4031qed
4032
4033AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4034  using "thm-relation-negation:3"[THEN "≡E"(1)]
4035        "thm-relation-negation:3"[THEN "≡E"(2)]
4036        "≡I" "→I" RAA by metis
4037
4038AOT_theorem "thm-relation-negation:5": [F]  [F]-
4039proof -
4040  AOT_have ¬([F] = [F]-)
4041  proof (rule RAA(2))
4042    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4043      using "if-p-then-p".
4044  next
4045    AOT_assume [F] = [F]-
4046    AOT_hence [F]- = [F] using id_sym by blast
4047    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4048      using "rule=E" "thm-relation-negation:1" by fast
4049    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4050      using "≡E" RAA by metis
4051  qed
4052  thus ?thesis
4053    using "≡dfI" "=-infix" by blast
4054qed
4055
4056AOT_theorem "thm-relation-negation:6": p  (p)-
4057proof -
4058  AOT_have ¬(p = (p)-)
4059  proof (rule RAA(2))
4060    AOT_show p  p
4061      using "if-p-then-p".
4062  next
4063    AOT_assume p = (p)-
4064    AOT_hence (p)- = p using id_sym by blast
4065    AOT_hence p  ¬p
4066      using "rule=E" "thm-relation-negation:3" by fast
4067    AOT_thus ¬(p  p)
4068      using "≡E" RAA by metis
4069  qed
4070  thus ?thesis
4071    using "≡dfI" "=-infix" by blast
4072qed
4073
4074AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4075  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4076  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]" "propositions-lemma:1" id_trans by blast+
4077
4078AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4079proof(rule "→I")
4080  AOT_assume p = q
4081  moreover AOT_have (¬p) using "log-prop-prop:2".
4082  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4083  ultimately AOT_show (¬p) = (¬q)
4084    using "rule=E" by fast
4085qed
4086
4087AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4088proof(rule "→I")
4089  AOT_assume p = q
4090  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4091  AOT_thus (p)- = (q)-
4092    using "thm-relation-negation:7" id_sym id_trans by metis
4093qed
4094
4095AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4096  "contingent-properties:1": Necessary([F]) df x1...∀xn [F]x1...xn
4097
4098AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4099  "contingent-properties:1[zero]": Necessary0(p) df p
4100
4101AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4102  "contingent-properties:2": Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4103
4104AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4105  "contingent-properties:2[zero]": Impossible0(p) df ¬p
4106
4107AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4108  "contingent-properties:3": NonContingent([F]) df Necessary([F])  Impossible([F])
4109
4110AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4111  "contingent-properties:3[zero]": NonContingent0(p) df Necessary0(p)  Impossible0(p)
4112
4113AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4114  "contingent-properties:4": Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4115
4116AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4117  "contingent-properties:4[zero]": Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4118
4119
4120AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4121proof (rule "≡I"; rule "→I")
4122  AOT_assume NonContingent([F])
4123  AOT_hence Necessary([F])  Impossible([F])
4124    using "≡dfE"[OF "contingent-properties:3"] by blast
4125  moreover {
4126    AOT_assume Necessary([F])
4127    AOT_hence (x1...∀xn [F]x1...xn)
4128      using "≡dfE"[OF "contingent-properties:1"] by blast
4129    moreover AOT_modally_strict {
4130      AOT_assume x1...∀xn [F]x1...xn
4131      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4132      AOT_hence ¬[F]-x1...xn for x1xn
4133        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:2" "≡E"(1))
4134      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4135    }
4136    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4137      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4138    AOT_hence Impossible([F]-)
4139      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(2)]
4140      by blast
4141  }
4142  moreover {
4143    AOT_assume Impossible([F])
4144    AOT_hence (x1...∀xn ¬[F]x1...xn)
4145      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4146      by blast
4147    moreover AOT_modally_strict {
4148      AOT_assume x1...∀xn ¬[F]x1...xn
4149      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4150      AOT_hence [F]-x1...xn for x1xn
4151        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(1))
4152      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4153    }
4154    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4155      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4156    AOT_hence Necessary([F]-)
4157      using "≡dfI"[OF "contingent-properties:1"] by blast
4158  }
4159  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4160    using "∨E"(1) "∨I" "→I" by metis
4161  AOT_thus NonContingent([F]-)
4162    using "≡dfI"[OF "contingent-properties:3"] by blast
4163next
4164  AOT_assume NonContingent([F]-)
4165  AOT_hence Necessary([F]-)  Impossible([F]-)
4166    using "≡dfE"[OF "contingent-properties:3"] by blast
4167  moreover {
4168    AOT_assume Necessary([F]-)
4169    AOT_hence (x1...∀xn [F]-x1...xn)
4170      using "≡dfE"[OF "contingent-properties:1"] by blast
4171    moreover AOT_modally_strict {
4172      AOT_assume x1...∀xn [F]-x1...xn
4173      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4174      AOT_hence ¬[F]x1...xn for x1xn
4175        by (meson "≡E"(6) "oth-class-taut:3:a" "thm-relation-negation:1" "≡E"(2))
4176      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4177    }
4178    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4179      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4180    AOT_hence Impossible([F])
4181      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4182      by blast
4183  }
4184  moreover {
4185    AOT_assume Impossible([F]-)
4186    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4187      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1), OF "rel-neg-T:3", THEN "≡E"(1)]
4188      by blast
4189    moreover AOT_modally_strict {
4190      AOT_assume x1...∀xn ¬[F]-x1...xn
4191      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4192      AOT_hence [F]x1...xn for x1xn 
4193        using "thm-relation-negation:1"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4194              "useful-tautologies:1"[THEN "→E"] by blast
4195      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4196    }
4197    ultimately AOT_have (x1...∀xn [F]x1...xn)
4198      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4199    AOT_hence Necessary([F])
4200      using "≡dfI"[OF "contingent-properties:1"] by blast
4201  }
4202  ultimately AOT_have Necessary([F])  Impossible([F])
4203    using "∨E"(1) "∨I" "→I" by metis
4204  AOT_thus NonContingent([F])
4205    using "≡dfI"[OF "contingent-properties:3"] by blast
4206qed
4207
4208AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
4209proof -
4210  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
4211    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]]
4212    by blast
4213  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
4214    using "oth-class-taut:5:d" by fastforce
4215  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
4216    by (simp add: "Commutativity of &")
4217  also AOT_have ...  x [F]x & ¬Necessary([F])
4218  proof (rule "oth-class-taut:4:e"[THEN "→E"])
4219    AOT_have ¬Impossible([F])  ¬¬ x [F]x
4220      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4221      apply (AOT_subst x [F]x ¬ x ¬[F]x)
4222       apply (simp add: "conventions:4" "≡Df")
4223      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
4224       apply (simp add: "oth-class-taut:3:b")
4225      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst]] by blast
4226    also AOT_have ...  x [F]x
4227      using "conventions:5"[THEN "≡Df", symmetric] by blast
4228    finally AOT_show ¬Impossible([F])  x [F]x .
4229  qed
4230  also AOT_have ...  x [F]x & x ¬[F]x
4231  proof (rule "oth-class-taut:4:f"[THEN "→E"])
4232    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
4233      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4234      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
4235       apply (simp add: "conventions:4" "≡Df")
4236      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
4237       apply (simp add: "oth-class-taut:3:b")
4238      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
4239      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
4240    also AOT_have ...  x ¬[F]x
4241      using "conventions:5"[THEN "≡Df", symmetric] by blast
4242    finally AOT_show ¬Necessary([F])  x ¬[F]x.
4243  qed
4244  finally show ?thesis.
4245qed
4246
4247AOT_theorem "thm-cont-prop:3": Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
4248proof -
4249  {
4250    fix Π :: <κ>
4251    AOT_assume Π
4252    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4253      using "thm-cont-prop:2" GEN by fast
4254    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
4255      using "thm-cont-prop:2" "∀E" by fast
4256  } note 1 = this
4257  AOT_have Contingent([F])  x [F]x & x ¬[F]x
4258    using "thm-cont-prop:2" by blast
4259  also AOT_have ...  x ¬[F]x & x [F]x
4260    by (simp add: "Commutativity of &")
4261  also AOT_have ...  x [F]-x & x [F]x
4262    by (AOT_subst [F]-x ¬[F]x for: x)
4263       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
4264  also AOT_have ...  x [F]-x & x ¬[F]-x
4265    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
4266       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
4267  also AOT_have ...  Contingent([F]-)
4268    using 1[OF "rel-neg-T:3", symmetric] by blast
4269  finally show ?thesis.
4270qed
4271
4272AOT_define concrete_if_concrete :: ‹Π› ("L")  L_def: L =df x E!x  E!x]
4273
4274AOT_theorem "thm-noncont-e-e:1": Necessary(L)
4275proof -
4276  AOT_modally_strict {
4277    fix x
4278    AOT_have x E!x  E!x] by "cqt:2[lambda]"
4279    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4280    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4281    ultimately AOT_have x E!x  E!x]x
4282      using "β←C" by blast
4283  }
4284  AOT_hence 0: x x E!x  E!x]x
4285    using RN GEN by blast
4286  show ?thesis
4287    apply (rule "=dfI"(2)[OF L_def])
4288     apply "cqt:2[lambda]"
4289    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
4290qed
4291
4292AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
4293proof -
4294  AOT_modally_strict {
4295    fix x
4296
4297    AOT_have 0: F (¬[F]-x  [F]x)
4298      using "thm-relation-negation:2" GEN by fast
4299    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
4300      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
4301    moreover {
4302      AOT_have x E!x  E!x] by "cqt:2[lambda]"
4303      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
4304      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
4305      ultimately AOT_have x E!x  E!x]x
4306        using "β←C" by blast
4307    }
4308    ultimately AOT_have ¬x E!x  E!x]-x
4309      using "≡E" by blast
4310  }
4311  AOT_hence 0: x ¬x E!x  E!x]-x
4312    using RN GEN by fast
4313  show ?thesis
4314    apply (rule "=dfI"(2)[OF L_def])
4315     apply "cqt:2[lambda]"
4316    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
4317     using "rel-neg-T:3"
4318     apply blast
4319    using 0
4320    by blast
4321qed
4322
4323AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
4324  using "thm-noncont-e-e:1"
4325  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
4326
4327AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
4328proof -
4329  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
4330    using "thm-cont-prop:1" "∀I" by fast
4331  moreover AOT_have 1: L
4332    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4333  AOT_show NonContingent([L]-)
4334    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
4335qed
4336
4337AOT_theorem "thm-noncont-e-e:5": F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
4338proof (rule "∃I")+
4339  {
4340    AOT_have F [F]  [F]- using "thm-relation-negation:5" GEN by fast
4341    moreover AOT_have L
4342      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4343    ultimately AOT_have L  [L]- using "∀E" by blast
4344  }
4345  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
4346    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
4347next
4348  AOT_show [L]-
4349    using "rel-neg-T:3" by blast
4350next
4351  AOT_show L
4352      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
4353qed
4354
4355AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4356proof -
4357  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
4358    using "BF◇" "CBF◇" "≡I" by blast
4359  also AOT_have   x ([F]x &  ¬[F]x)
4360    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
4361       (auto simp: "S5Basic:11" "cqt-further:7")
4362  also AOT_have   x (¬[F]x & [F]x)
4363    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
4364       (auto simp: "Commutativity of &" "cqt-further:7")
4365  also AOT_have   x (¬[F]x & [F]x)
4366    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
4367       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
4368  also AOT_have   x (¬[F]x & [F]x)
4369    using "BF◇" "CBF◇" "≡I" by fast
4370  finally show ?thesis.
4371qed
4372
4373AOT_theorem "lem-cont-e:2": x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
4374proof -
4375  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
4376    using "lem-cont-e:1".
4377  also AOT_have   x ([F]-x & ¬[F]-x)
4378    apply (AOT_subst ¬[F]-x [F]x for: x)
4379     apply (simp add: "thm-relation-negation:2")
4380    apply (AOT_subst [F]-x ¬[F]x for: x)
4381     apply (simp add: "thm-relation-negation:1")
4382    by (simp add: "oth-class-taut:3:a")
4383  finally show ?thesis.
4384qed
4385
4386AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
4387proof (rule "CBF◇"[THEN "→E"])
4388  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
4389  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4390  AOT_hence θ: E!a & ¬𝒜E!a
4391    using "KBasic2:3"[THEN "→E"] by blast
4392  AOT_have ξ: E!a & 𝒜¬E!a
4393    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
4394       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
4395  AOT_have ζ: E!a & 𝒜¬E!a
4396    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
4397       (auto simp add: "Act-Sub:4" ξ)
4398  AOT_hence E!a & ¬E!a
4399    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
4400  AOT_hence (E!a & ¬E!a) using "S5Basic:11"[THEN "≡E"(2)] by simp
4401  AOT_thus x (E!x & ¬E!x) using "∃I"(2) by fast
4402qed
4403
4404AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
4405proof -
4406  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
4407    using "lem-cont-e:1" GEN by fast
4408  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
4409    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4410  thus ?thesis using "thm-cont-e:1" "≡E" by blast
4411qed
4412
4413AOT_theorem "thm-cont-e:3": x E!x
4414proof (rule "CBF◇"[THEN "→E"])
4415  AOT_obtain a where (E!a & ¬E!a)
4416    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4417  AOT_hence E!a
4418    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
4419  AOT_thus x E!x using "∃I" by fast
4420qed
4421
4422AOT_theorem "thm-cont-e:4": x ¬E!x
4423proof (rule "CBF◇"[THEN "→E"])
4424  AOT_obtain a where (E!a & ¬E!a)
4425    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
4426  AOT_hence ¬E!a
4427    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
4428  AOT_hence ¬E!a
4429    using "4◇"[THEN "→E"] by blast
4430  AOT_thus x ¬E!x using "∃I" by fast
4431qed
4432
4433AOT_theorem "thm-cont-e:5": Contingent([E!])
4434proof -
4435  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
4436    using "thm-cont-prop:2" GEN by fast
4437  AOT_hence Contingent([E!])  x E!x & x ¬E!x
4438    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
4439  thus ?thesis
4440    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
4441qed
4442
4443AOT_theorem "thm-cont-e:6": Contingent([E!]-)
4444proof -
4445  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
4446    using "thm-cont-prop:3" GEN by fast
4447  AOT_hence Contingent([E!])  Contingent([E!]-)
4448    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4449  thus ?thesis using "thm-cont-e:5" "≡E" by blast
4450qed
4451
4452AOT_theorem "thm-cont-e:7": FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
4453proof (rule "∃I")+
4454  AOT_have F [«F::<κ>»]  [F]- using "thm-relation-negation:5" GEN by fast
4455  AOT_hence [E!]  [E!]-
4456    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
4457  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
4458    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
4459next
4460  AOT_show E!-
4461    by (fact AOT)
4462next
4463  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
4464qed
4465
4466AOT_theorem "property-facts:1": NonContingent([F])  ¬G (Contingent([G]) & G = F)
4467proof (rule "→I"; rule "raa-cor:2")
4468  AOT_assume NonContingent([F])
4469  AOT_hence 1: Necessary([F])  Impossible([F])
4470    using "contingent-properties:3"[THEN "≡dfE"] by blast
4471  AOT_assume G (Contingent([G]) & G = F)
4472  then AOT_obtain G where Contingent([G]) & G = F using "∃E"[rotated] by blast
4473  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
4474  AOT_hence ¬(Necessary([F])  Impossible([F]))
4475    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4476  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4477    using 1 "&I" by blast
4478qed
4479
4480AOT_theorem "property-facts:2": Contingent([F])  ¬G (NonContingent([G]) & G = F)
4481proof (rule "→I"; rule "raa-cor:2")
4482  AOT_assume Contingent([F])
4483  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
4484    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
4485  AOT_assume G (NonContingent([G]) & G = F)
4486  then AOT_obtain G where NonContingent([G]) & G = F using "∃E"[rotated] by blast
4487  AOT_hence NonContingent([F]) using "rule=E" "&E" by blast
4488  AOT_hence Necessary([F])  Impossible([F])
4489    using "contingent-properties:3"[THEN "≡dfE"] by blast
4490  AOT_thus (Necessary([F])  Impossible([F])) & ¬(Necessary([F])  Impossible([F]))
4491    using 1 "&I" by blast
4492qed
4493
4494AOT_theorem "property-facts:3": L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
4495proof -
4496  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
4497    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
4498    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
4499  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
4500    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
4501  AOT_have not_noncontingent_if_contingent: ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
4502  proof(rule RAA(2))
4503    AOT_show ¬(Necessary([Π])  Impossible([Π]))
4504      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1), OF contingent_denotes[OF that], THEN "≡E"(1)] by blast
4505  next
4506    AOT_assume NonContingent([Π])
4507    AOT_thus Necessary([Π])  Impossible([Π])
4508      using "contingent-properties:3"[THEN "≡dfE"] by blast
4509  qed
4510
4511  show ?thesis
4512  proof (safe intro!: "&I")
4513    AOT_show L  [L]-
4514      apply (rule "=dfI"(2)[OF L_def])
4515       apply "cqt:2[lambda]"
4516      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4517       apply (rule GEN) apply (fact AOT)
4518      by "cqt:2[lambda]"
4519  next
4520    AOT_show L  E!
4521      apply (rule noneqI)
4522      using "thm-noncont-e-e:3" not_noncontingent_if_contingent[OF "thm-cont-e:5"]
4523      by auto
4524  next
4525    AOT_show L  E!-
4526      apply (rule noneqI)
4527      using "thm-noncont-e-e:3" apply fast
4528      apply (rule not_noncontingent_if_contingent)
4529      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4530      using "thm-cont-prop:3" GEN apply fast
4531      using "thm-cont-e:5" by fast+
4532  next
4533    AOT_show [L]-  E!-
4534      apply (rule noneqI)
4535      using "thm-noncont-e-e:4" apply fast
4536      apply (rule not_noncontingent_if_contingent)
4537      apply (rule "∀E"(1)[where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»", rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
4538      using "thm-cont-prop:3" GEN apply fast
4539      using "thm-cont-e:5" by fast+
4540  next
4541    AOT_show E!  E!-
4542      apply (rule "=dfI"(2)[OF L_def])
4543       apply "cqt:2[lambda]"
4544      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
4545       apply (rule GEN) apply (fact AOT)
4546      by (fact "cqt:2[concrete]"[axiom_inst])
4547  qed
4548qed
4549
4550AOT_theorem "thm-cont-propos:1": NonContingent0(p)  NonContingent0(((p)-))
4551proof(rule "≡I"; rule "→I")
4552  AOT_assume NonContingent0(p)
4553  AOT_hence Necessary0(p)  Impossible0(p)
4554    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4555  moreover {
4556    AOT_assume Necessary0(p)
4557    AOT_hence 1: p using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4558    AOT_have ¬((p)-)
4559      by (AOT_subst ¬((p)-) p)
4560         (auto simp add: 1 "thm-relation-negation:4")
4561    AOT_hence Impossible0(((p)-))
4562      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4563  }
4564  moreover {
4565    AOT_assume Impossible0(p)
4566    AOT_hence 1: ¬p
4567      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4568    AOT_have ((p)-)
4569      by (AOT_subst ((p)-) ¬p) 
4570         (auto simp: 1 "thm-relation-negation:3")
4571    AOT_hence Necessary0(((p)-))
4572      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4573  }
4574  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
4575    using "∨E"(1) "∨I" "→I" by metis
4576  AOT_thus NonContingent0(((p)-))
4577    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4578next
4579  AOT_assume NonContingent0(((p)-))
4580  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
4581    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4582  moreover {
4583    AOT_assume Impossible0(((p)-))
4584    AOT_hence 1: ¬((p)-)
4585      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
4586    AOT_have p
4587      by (AOT_subst (reverse) p ¬((p)-))
4588         (auto simp: 1 "thm-relation-negation:4")
4589    AOT_hence Necessary0(p)
4590      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
4591  }
4592  moreover {
4593    AOT_assume Necessary0(((p)-))
4594    AOT_hence 1: ((p)-)
4595      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
4596    AOT_have ¬p
4597      by (AOT_subst (reverse) ¬p ((p)-))
4598         (auto simp: 1 "thm-relation-negation:3")
4599    AOT_hence Impossible0(p)
4600      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4601  }
4602  ultimately AOT_have Necessary0(p)  Impossible0(p)
4603    using "∨E"(1) "∨I" "→I" by metis
4604  AOT_thus NonContingent0(p)
4605    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
4606qed
4607
4608AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
4609proof -
4610  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
4611    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
4612  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
4613    by (fact AOT)
4614  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
4615    by (fact AOT)
4616  also AOT_have   φ & ¬φ
4617    apply (AOT_subst φ ¬¬φ)
4618     apply (simp add: "conventions:5" "≡Df")
4619    apply (AOT_subst Impossible0(φ) ¬φ)
4620     apply (simp add: "contingent-properties:2[zero]" "≡Df")
4621    apply (AOT_subst (reverse) ¬φ ¬φ)
4622     apply (simp add: "KBasic:11")
4623    apply (AOT_subst Necessary0(φ) φ)
4624     apply (simp add: "contingent-properties:1[zero]" "≡Df")
4625    by (simp add: "oth-class-taut:3:a")
4626  finally show ?thesis.
4627qed
4628
4629AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
4630proof -
4631  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
4632  also AOT_have   ¬p & p by (fact AOT)
4633  also AOT_have   ((p)-) & p
4634    by (AOT_subst ((p)-) ¬p)
4635       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
4636  also AOT_have   ((p)-) & ¬((p)-)
4637    by (AOT_subst ¬((p)-) p)
4638       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
4639  also AOT_have   Contingent0(((p)-))
4640    using "thm-cont-propos:2"[symmetric] by blast
4641  finally show ?thesis.
4642qed
4643
4644AOT_define noncontingent_prop :: ‹φ› ("p0")
4645  p0_def: "(p0) =df (x (E!x  E!x))"
4646
4647AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
4648proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
4649  AOT_show (p0)
4650    apply (rule "=dfI"(2)[OF p0_def])
4651    using "log-prop-prop:2" apply simp
4652    using "if-p-then-p" RN GEN by fast
4653qed
4654
4655AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
4656proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
4657  AOT_show ¬((p0)-)
4658    apply (AOT_subst ((p0)-) ¬p0)
4659    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4660    apply (AOT_subst (reverse) ¬¬p0 p0)
4661     apply (simp add: "oth-class-taut:3:b")
4662    apply (rule "=dfI"(2)[OF p0_def])
4663    using "log-prop-prop:2" apply simp
4664    using "if-p-then-p" RN GEN by fast
4665qed
4666
4667AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
4668  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4669  using "thm-noncont-propos:1" "∨I" by blast
4670
4671AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
4672  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
4673  using "thm-noncont-propos:2" "∨I" by blast
4674
4675AOT_theorem "thm-noncont-propos:5": pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
4676proof(rule "∃I")+
4677  AOT_have 0: φ  (φ)- for φ
4678    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4679  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
4680    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
4681qed(auto simp: "log-prop-prop:2")
4682
4683AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
4684proof(rule "raa-cor:2")
4685  AOT_assume x(E!x & ¬𝒜E!x)
4686  then AOT_obtain a where a: E!a & ¬𝒜E!a
4687    using "∃E"[rotated] by blast
4688  AOT_hence 𝒜¬E!a using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
4689  AOT_hence ¬E!a using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
4690  AOT_hence E!a & ¬E!a using a "&E" "&I" by blast
4691  AOT_thus p & ¬p for p using "raa-cor:1" by blast
4692qed
4693
4694AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
4695proof(rule "raa-cor:2")
4696  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
4697  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
4698    using "Act-Basic:10"[THEN "≡E"(1)] by blast
4699  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
4700  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a using "Act-Basic:2"[THEN "≡E"(1)] by blast
4701  AOT_hence ¬𝒜𝒜E!a using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
4702  AOT_hence ¬𝒜E!a using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
4703  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
4704qed
4705
4706AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
4707proof (rule RAA(1))
4708  AOT_show ¬𝒜x (E!x & ¬𝒜E!x) using "pos-not-pna:1" by blast
4709next
4710  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
4711  AOT_hence x (E!x & ¬𝒜E!x)
4712    using "KBasic:12"[THEN "≡E"(2)] by blast
4713  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
4714    using "nec-imp-act"[THEN "→E"] by blast
4715qed
4716
4717AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
4718proof -
4719  AOT_obtain a where (E!a & ¬𝒜E!a)
4720    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
4721  AOT_hence θ: E!a and ξ: ¬𝒜E!a using "KBasic2:3"[THEN "→E"] "&E" by blast+
4722  AOT_have ¬𝒜E!a using ξ "KBasic:11"[THEN "≡E"(2)] by blast
4723  AOT_hence ¬𝒜E!a using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)] by blast
4724  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
4725  thus ?thesis using "∃I" by fast
4726qed
4727
4728AOT_define contingent_prop :: φ ("q0")
4729  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
4730
4731AOT_theorem q0_prop: q0 & ¬q0
4732  apply (rule "=dfI"(2)[OF q0_def])
4733  apply (fact "log-prop-prop:2")
4734  apply (rule "&I")
4735   apply (fact "qml:4"[axiom_inst])
4736  by (fact "pos-not-pna:2")
4737
4738AOT_theorem "basic-prop:1": Contingent0((q0))
4739proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4740  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
4741  proof (rule "&I"; rule "=dfI"(2)[OF q0_def]; (rule "log-prop-prop:2" | rule "raa-cor:2"))
4742    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
4743    AOT_hence x (E!x & ¬𝒜E!x)
4744      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4745    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
4746      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
4747    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
4748      using "pos-not-pna:1" "&I" by blast
4749  next
4750    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
4751    AOT_hence ¬(x (E!x & ¬𝒜E!x))
4752      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4753    AOT_hence ¬(x (E!x & ¬𝒜E!x)) using "KBasic2:1"[THEN "≡E"(1)] by blast
4754    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
4755      using "qml:4"[axiom_inst] "&I" by blast
4756  qed
4757  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
4758    using "oth-class-taut:5:d" "≡E"(2) by blast
4759qed
4760
4761AOT_theorem "basic-prop:2": p Contingent0((p))
4762  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
4763
4764AOT_theorem "basic-prop:3": Contingent0(((q0)-))
4765  apply (AOT_subst ((q0)-) ¬q0)
4766   apply (insert "thm-relation-negation:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
4767  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
4768  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
4769  apply (rule "&I")
4770   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4771   apply (rule "conventions:5"[THEN "≡dfE"])
4772   apply (rule "=dfE"(2)[OF q0_def])
4773    apply (rule "log-prop-prop:2")
4774   apply (rule q0_prop[THEN "&E"(1)])
4775  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]", THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
4776  apply (rule "conventions:5"[THEN "≡dfE"])
4777  by (rule q0_prop[THEN "&E"(2)])
4778
4779AOT_theorem "basic-prop:4": pq (p  q & Contingent0(p) & Contingent0(q))
4780proof(rule "∃I")+
4781  AOT_have 0: φ  (φ)- for φ
4782    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4783  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
4784    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
4785qed(auto simp: "log-prop-prop:2")
4786
4787AOT_theorem "proposition-facts:1": NonContingent0(p)  ¬q (Contingent0(q) & q = p)
4788proof(rule "→I"; rule "raa-cor:2")
4789  AOT_assume NonContingent0(p)
4790  AOT_hence 1: Necessary0(p)  Impossible0(p)
4791    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
4792  AOT_assume q (Contingent0(q) & q = p)
4793  then AOT_obtain q where Contingent0(q) & q = p using "∃E"[rotated] by blast
4794  AOT_hence Contingent0(p) using "rule=E" "&E" by fast
4795  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4796    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
4797qed
4798
4799AOT_theorem "proposition-facts:2": Contingent0(p)  ¬q (NonContingent0(q) & q = p)
4800proof(rule "→I"; rule "raa-cor:2")
4801  AOT_assume Contingent0(p)
4802  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
4803    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4804  AOT_assume q (NonContingent0(q) & q = p)
4805  then AOT_obtain q where NonContingent0(q) & q = p using "∃E"[rotated] by blast
4806  AOT_hence NonContingent0(p) using "rule=E" "&E" by fast
4807  AOT_thus (Necessary0(p)  Impossible0(p)) & ¬(Necessary0(p)  Impossible0(p))
4808    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
4809qed
4810
4811AOT_theorem "proposition-facts:3": (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
4812proof -
4813  {
4814    fix χ φ ψ
4815    AOT_assume χ{φ}
4816    moreover AOT_assume ¬χ{ψ}
4817    ultimately AOT_have ¬(χ{φ}  χ{ψ})
4818      using RAA "≡E" by metis
4819    moreover {
4820      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
4821        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
4822      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
4823        using "∀E" "log-prop-prop:2" by blast
4824    }
4825    ultimately AOT_have φ  ψ
4826      using "→E" by blast
4827  } note 0 = this
4828  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
4829    using "thm-cont-propos:3" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4830  AOT_have not_noncontingent_if_contingent: ¬NonContingent0(φ) if Contingent0(φ) for φ
4831    apply (rule "contingent-properties:3[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4832    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
4833  show ?thesis
4834    apply (rule "&I")+
4835    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] apply fast
4836       apply (rule 0)
4837    using "thm-noncont-propos:3" apply fast
4838       apply (rule not_noncontingent_if_contingent)
4839       apply (fact AOT)
4840      apply (rule 0)
4841    apply (rule "thm-noncont-propos:3")
4842      apply (rule not_noncontingent_if_contingent)
4843      apply (rule contingent_neg[THEN "≡E"(1)])
4844      apply (fact AOT)
4845     apply (rule 0)
4846    apply (rule "thm-noncont-propos:4")
4847      apply (rule not_noncontingent_if_contingent)
4848      apply (rule contingent_neg[THEN "≡E"(1)])
4849     apply (fact AOT)
4850    using "thm-relation-negation:6" "∀I" "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
4851qed
4852
4853AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
4854  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
4855
4856AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
4857  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
4858
4859AOT_theorem "cont-true-cont:1": ContingentlyTrue((p))  Contingent0((p))
4860proof(rule "→I")
4861  AOT_assume ContingentlyTrue((p))
4862  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
4863  AOT_have ¬Necessary0((p))
4864    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4865    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
4866  moreover AOT_have ¬Impossible0((p))
4867    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4868    apply (rule "conventions:5"[THEN "≡dfE"])
4869    using "T◇"[THEN "→E", OF 1].
4870  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4871    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4872  AOT_thus Contingent0((p))
4873    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4874qed
4875
4876AOT_theorem "cont-true-cont:2": ContingentlyFalse((p))  Contingent0((p))
4877proof(rule "→I")
4878  AOT_assume ContingentlyFalse((p))
4879  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
4880  AOT_have ¬Necessary0((p))
4881    apply (rule "contingent-properties:1[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4882    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
4883  moreover AOT_have ¬Impossible0((p))
4884    apply (rule "contingent-properties:2[zero]"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
4885    apply (rule "conventions:5"[THEN "≡dfE"])
4886    using 2.
4887  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
4888    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
4889  AOT_thus Contingent0((p))
4890    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
4891qed
4892
4893AOT_theorem "cont-true-cont:3": ContingentlyTrue((p))  ContingentlyFalse(((p)-))
4894proof(rule "≡I"; rule "→I")
4895  AOT_assume ContingentlyTrue((p))
4896  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4897  AOT_have 1: ContingentlyFalse(¬p)
4898    apply (rule "cont-tf:2"[THEN "≡dfI"])
4899    apply (AOT_subst (reverse) ¬¬p p)
4900    by (auto simp: "oth-class-taut:3:b" 0)
4901  AOT_show ContingentlyFalse(((p)-))
4902    apply (AOT_subst ((p)-) ¬p)
4903    by (auto simp: "thm-relation-negation:3" 1)
4904next
4905  AOT_assume 1: ContingentlyFalse(((p)-))
4906  AOT_have ContingentlyFalse(¬p)
4907    by (AOT_subst (reverse) ¬p ((p)-))
4908       (auto simp: "thm-relation-negation:3" 1)
4909  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
4910  AOT_hence p & ¬p
4911    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
4912  AOT_thus ContingentlyTrue((p))
4913    using "cont-tf:1"[THEN "≡dfI"] by blast
4914qed
4915
4916AOT_theorem "cont-true-cont:4": ContingentlyFalse((p))  ContingentlyTrue(((p)-))
4917proof(rule "≡I"; rule "→I")
4918  AOT_assume ContingentlyFalse(p)
4919  AOT_hence 0: ¬p & p
4920    using "cont-tf:2"[THEN "≡dfE"] by blast
4921  AOT_have ¬p & ¬¬p
4922    by (AOT_subst (reverse) ¬¬p p)
4923       (auto simp: "oth-class-taut:3:b" 0)
4924  AOT_hence 1: ContingentlyTrue(¬p)
4925    by (rule "cont-tf:1"[THEN "≡dfI"])
4926  AOT_show ContingentlyTrue(((p)-))
4927    by (AOT_subst ((p)-) ¬p)
4928       (auto simp: "thm-relation-negation:3" 1)
4929next
4930  AOT_assume 1: ContingentlyTrue(((p)-))
4931  AOT_have ContingentlyTrue(¬p)
4932    by (AOT_subst (reverse) ¬p ((p)-))
4933       (auto simp add: "thm-relation-negation:3" 1)
4934  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
4935  AOT_have p
4936    by (AOT_subst p ¬¬p)
4937       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
4938  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
4939  AOT_thus ContingentlyFalse(p)
4940    by (rule "cont-tf:2"[THEN "≡dfI"])
4941qed
4942
4943AOT_theorem "cont-true-cont:5": (ContingentlyTrue((p)) & Necessary0((q)))  p  q
4944proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4945  AOT_assume ContingentlyTrue((p))
4946  AOT_hence ¬p
4947    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
4948  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
4949  AOT_assume Necessary0((q))
4950  moreover AOT_assume ¬(p  q)
4951  AOT_hence p = q
4952    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4953          "useful-tautologies:1"[THEN "→E"] by blast
4954  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
4955  AOT_hence p
4956    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
4957  AOT_thus p & ¬p using 0 "&I" by blast
4958qed
4959
4960AOT_theorem "cont-true-cont:6": (ContingentlyFalse((p)) & Impossible0((q)))  p  q
4961proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
4962  AOT_assume ContingentlyFalse((p))
4963  AOT_hence p
4964    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
4965  AOT_hence 1: ¬¬p
4966    using "conventions:5"[THEN "≡dfE"] by blast
4967  AOT_assume Impossible0((q))
4968  moreover AOT_assume ¬(p  q)
4969  AOT_hence p = q
4970    using "=-infix"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4971          "useful-tautologies:1"[THEN "→E"] by blast
4972  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
4973  AOT_hence ¬p
4974    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
4975  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
4976qed
4977
4978AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
4979  apply (rule "cont-tf:2"[THEN "≡dfI"])
4980  apply (rule "=dfI"(2)[OF q0_def])
4981   apply (fact "log-prop-prop:2")
4982  apply (rule "&I")
4983   apply (fact "no-cnac")
4984  by (fact "qml:4"[axiom_inst])
4985
4986AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
4987  apply (rule "cont-tf:1"[THEN "≡dfI"])
4988  apply (rule "=dfI"(2)[OF q0_def])
4989   apply (fact "log-prop-prop:2")
4990  apply (rule "&I")
4991     apply (rule "thm-relation-negation:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
4992     apply (fact "no-cnac")
4993    apply (rule "rule=E"[rotated, OF "thm-relation-negation:7"[unvarify p, OF "log-prop-prop:2", THEN id_sym]])
4994  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
4995  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
4996
4997(* TODO: q0cf-rem skipped for now *)
4998
4999AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5000proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5001  AOT_assume q0
5002  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5003  AOT_thus ContingentlyTrue(q0)
5004    by (rule "cont-tf:1"[THEN "≡dfI"])
5005next
5006  AOT_assume ¬q0
5007  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5008  AOT_hence ContingentlyFalse(q0)
5009    by (rule "cont-tf:2"[THEN "≡dfI"])
5010  AOT_thus ContingentlyTrue(((q0)-))
5011    by (rule "cont-true-cont:4"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5012qed(auto simp: "log-prop-prop:2")
5013
5014
5015AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5016proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5017  AOT_assume q0
5018  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5019  AOT_hence ContingentlyTrue(q0)
5020    by (rule "cont-tf:1"[THEN "≡dfI"])
5021  AOT_thus ContingentlyFalse(((q0)-))
5022    by (rule "cont-true-cont:3"[unvarify p, OF "log-prop-prop:2", THEN "≡E"(1)])
5023next
5024  AOT_assume ¬q0
5025  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5026  AOT_thus ContingentlyFalse(q0)
5027    by (rule "cont-tf:2"[THEN "≡dfI"])
5028qed(auto simp: "log-prop-prop:2")
5029
5030(* TODO: inspect modally strict subproof involving obtained variable *)
5031AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5032proof -
5033  fix x
5034  AOT_obtain p1 where ContingentlyTrue((p1))
5035    using "cont-tf-thm:1" "∃E"[rotated] by blast
5036  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5037  AOT_modally_strict {
5038    AOT_have for arbitrary p:  (z p]x  p)
5039      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5040    AOT_hence for arbitrary p:   (z p]x  p)
5041      by (rule RN)
5042    AOT_hence p (z p]x  p) using GEN by fast
5043    AOT_hence (z p1]x  p1) using "∀E" by fast
5044  } note 2 = this
5045  AOT_hence (z p1]x  p1) using "∀E" by blast
5046  AOT_hence z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5047  moreover AOT_have ¬z p1]x
5048    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5049    apply (AOT_subst z p1]x p1)
5050    using 1[THEN "&E"(2)] by blast
5051  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5052  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5053  moreover AOT_have z p1] by "cqt:2[lambda]"
5054  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5055qed
5056
5057(* TODO: inspect modally strict subproof involving obtained variable *)
5058AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5059proof -
5060  fix x
5061  AOT_obtain p1 where ContingentlyFalse((p1))
5062    using "cont-tf-thm:2" "∃E"[rotated] by blast
5063  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5064  AOT_modally_strict {
5065    AOT_have for arbitrary p:  (z p]x  p)
5066      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5067    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5068      using "oth-class-taut:4:b" "≡E" by blast
5069    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5070      by (rule RN)
5071    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5072    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5073  } note 2 = this
5074  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5075  AOT_hence 3: ¬z p1]x using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5076  AOT_modally_strict {
5077    AOT_have for arbitrary p:  (z p]x  p)
5078      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5079    AOT_hence for arbitrary p:  (z p]x  p)
5080      by (rule RN)
5081    AOT_hence p (z p]x  p) using GEN by fast
5082    AOT_hence (z p1]x  p1) using "∀E" by fast
5083  } note 4 = this
5084  AOT_have z p1]x
5085    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5086    apply (AOT_subst z p1]x p1)
5087    using 1[THEN "&E"(2)] by blast
5088  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5089  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5090  moreover AOT_have z p1] by "cqt:2[lambda]"
5091  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5092qed
5093
5094context
5095begin
5096
5097private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5098    apply (rule "=dfI"(2)[OF L_def])
5099     apply "cqt:2[lambda]"
5100    apply (rule "beta-C-meta"[THEN "→E"])
5101  by "cqt:2[lambda]"
5102
5103private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5104    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5105
5106private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5107proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5108  fix x
5109  AOT_assume 1: φ
5110  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5111  also AOT_have   φ
5112    using "if-p-then-p" 1 "≡I" "→I" by simp
5113  also AOT_have   z φ]x
5114    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5115  finally AOT_show [L]x  z φ]x.
5116next
5117  fix x
5118  AOT_assume x([L]x  z φ]x)
5119  AOT_hence [L]x  z φ]x using "∀E" by blast
5120  also AOT_have   φ using eqnotnec_123_Aux_ω.
5121  finally AOT_have φ  [L]x using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5122  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
5123  finally AOT_show φ using "≡E" "if-p-then-p" by fast
5124qed
5125private lemmas eqnotnec_123_Aux_ξ =  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5126                      THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5127                      THEN "RM◇"]
5128private lemmas eqnotnec_123_Aux_ξ' = eqnotnec_123_Aux_θ[THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)], THEN "RM◇"]
5129
5130AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5131proof-
5132  AOT_obtain p1 where ContingentlyTrue(p1) using "cont-tf-thm:1" "∃E"[rotated] by blast
5133  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5134  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
5135    apply - apply (rule "&I")
5136    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)] eqnotnec_123_Aux_ξ "→E" by fast+
5137  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
5138    by (rule "∃I") "cqt:2[lambda]"
5139  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
5140    apply (rule "∃I")
5141    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5142qed
5143
5144AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5145proof-
5146  AOT_obtain p1 where ContingentlyFalse(p1) using "cont-tf-thm:2" "∃E"[rotated] by blast
5147  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5148  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
5149    apply - apply (rule "&I")
5150    using "&E" eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)] eqnotnec_123_Aux_ξ' "→E" by fast+
5151  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
5152    by (rule "∃I") "cqt:2[lambda]"
5153  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
5154    apply (rule "∃I")
5155    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5156qed
5157
5158AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5159proof-
5160  AOT_have ¬𝒜q0
5161    apply (rule "=dfI"(2)[OF q0_def])
5162     apply (fact "log-prop-prop:2")
5163    by (fact AOT)
5164  AOT_hence 𝒜¬q0
5165    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5166  AOT_hence 𝒜¬x ([L]x  z q0]x)
5167    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5168            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
5169            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
5170  moreover AOT_have x ([L]x  z q0]x) using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
5171  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x) using "&I" by blast
5172  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
5173    by (rule "∃I") "cqt:2[lambda]"
5174  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5175    apply (rule "∃I")
5176    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5177qed
5178
5179end
5180
5181(* TODO[IMPORTANT]: proof of 219.4 ζ: appeal to (159.2) requires a theorem, but the result has local
5182   assumptions! *)
5183AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
5184proof(rule GEN)
5185  fix F
5186
5187  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5188  proof(rule "→I"; rule GEN)
5189    AOT_modally_strict {
5190    fix x
5191    AOT_assume 0: ψ
5192    AOT_have z [F]z & ψ]x  [F]x & ψ
5193      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5194    also AOT_have ...  [F]x
5195      apply (rule "≡I"; rule "→I")
5196      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5197      using 0 "&I" by blast
5198    finally AOT_show [F]x  z [F]z & ψ]x
5199      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5200    }
5201  qed
5202
5203  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5204  proof (rule "→I"; rule GEN)
5205    AOT_modally_strict {
5206      fix x
5207      AOT_assume 0: ψ
5208      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5209        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5210      also AOT_have ...  [F]x
5211        apply (rule "≡I"; rule "→I")
5212        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5213        apply (rule "∨I"(1)) using 0 "&I" by blast
5214      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5215        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5216    }
5217  qed
5218
5219  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5220  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
5221  AOT_modally_strict {
5222      AOT_assume 0: ¬ψ
5223      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5224      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5225      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5226          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5227      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5228        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5229      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5230        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5231      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5232      ultimately AOT_have ψ using "≡E" "&E" by metis
5233      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5234    }
5235  qed
5236
5237  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5238  proof (rule "→I")
5239    AOT_assume A: z([F]z  z [F]z & ψ]z)
5240    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5241    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
5242          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
5243          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5244      AOT_modally_strict {
5245        AOT_assume z ([F]z  z [F]z & ψ]z)
5246        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5247        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5248        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5249        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5250        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5251      }
5252    next
5253      AOT_modally_strict {
5254        AOT_assume z ([F]z  z [F]z & ψ]z)
5255        AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5256        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5257        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5258        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5259        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5260      }
5261    qed(auto simp: A)
5262  qed
5263
5264  AOT_obtain p1 where p1_prop: p1 & ¬p1 using "cont-tf-thm:1" "∃E"[rotated] "cont-tf:1"[THEN "≡dfE"] by blast
5265  {
5266    AOT_assume 1: x([F]x  z [F]z & p1]x)
5267    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5268      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5269    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5270      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5271    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5272      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5273    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) & ¬x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5274    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5275      by (rule "∃I"(1)) "cqt:2[lambda]"
5276  }
5277  moreover {
5278    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5279    AOT_hence ¬x([F]x  z [F]z & p1]x)
5280      using "KBasic:11"[THEN "≡E"(1)] by blast
5281    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
5282      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
5283    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5284      by (rule "∃I"(1)) "cqt:2[lambda]"
5285  }
5286  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
5287    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5288qed
5289
5290AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
5291proof(rule GEN)
5292  fix F
5293
5294  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5295  proof(rule "RM◇"; rule "→I"; rule GEN)
5296    AOT_modally_strict {
5297    fix x
5298    AOT_assume 0: ψ
5299    AOT_have z [F]z & ψ]x  [F]x & ψ
5300      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5301    also AOT_have ...  [F]x
5302      apply (rule "≡I"; rule "→I")
5303      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5304      using 0 "&I" by blast
5305    finally AOT_show [F]x  z [F]z & ψ]x
5306      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5307    }
5308  qed
5309
5310  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5311  proof (rule "RM◇"; rule "→I"; rule GEN)
5312    AOT_modally_strict {
5313      fix x
5314      AOT_assume 0: ψ
5315      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5316        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5317      also AOT_have ...  [F]x
5318        apply (rule "≡I"; rule "→I")
5319        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5320        apply (rule "∨I"(1)) using 0 "&I" by blast
5321      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5322        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5323    }
5324  qed
5325
5326  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5327  proof(rule "→I"; rule "raa-cor:2")
5328  AOT_modally_strict {
5329      AOT_assume 0: ¬ψ
5330      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5331      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5332      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5333          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5334      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5335        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5336      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5337        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5338      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5339      ultimately AOT_have ψ using "≡E" "&E" by metis
5340      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5341    }
5342  qed
5343
5344  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z)  (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5345  proof (rule "→I"; rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5346    AOT_modally_strict {
5347      AOT_assume z ([F]z  z [F]z & ψ]z)
5348      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5349      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5350      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5351      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5352      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5353    }
5354  next
5355    AOT_modally_strict {
5356      AOT_assume z ([F]z  z [F]z & ψ]z)
5357      AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5358      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5359      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5360      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5361      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5362    }
5363  qed
5364
5365  AOT_obtain p1 where p1_prop: ¬p1 & p1 using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
5366  {
5367    AOT_assume 1: x([F]x  z [F]z & p1]x)
5368    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
5369      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
5370    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
5371      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
5372    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
5373      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5374    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) & x([F]x  z [F]z & p1  ¬p1]x) using 2 "&I" by blast
5375    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5376      by (rule "∃I"(1)) "cqt:2[lambda]"
5377  }
5378  moreover {
5379    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
5380    AOT_hence ¬x([F]x  z [F]z & p1]x)
5381      using "KBasic:11"[THEN "≡E"(1)] by blast
5382    AOT_hence ¬x ([F]x  z [F]z & p1]x) & x([F]x  z [F]z & p1]x)
5383      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
5384    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5385      by (rule "∃I"(1)) "cqt:2[lambda]"
5386  }
5387  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
5388    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5389qed
5390
5391AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
5392proof(rule GEN)
5393  fix F
5394
5395  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
5396  proof(rule "RM◇"; rule "→I"; rule GEN)
5397    AOT_modally_strict {
5398    fix x
5399    AOT_assume 0: ψ
5400    AOT_have z [F]z & ψ]x  [F]x & ψ
5401      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5402    also AOT_have ...  [F]x
5403      apply (rule "≡I"; rule "→I")
5404      using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5405      using 0 "&I" by blast
5406    finally AOT_show [F]x  z [F]z & ψ]x
5407      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5408    }
5409  qed
5410
5411  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
5412  proof (rule "RM◇"; rule "→I"; rule GEN)
5413    AOT_modally_strict {
5414      fix x
5415      AOT_assume 0: ψ
5416      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
5417        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5418      also AOT_have ...  [F]x
5419        apply (rule "≡I"; rule "→I")
5420        using  "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E" apply blast
5421        apply (rule "∨I"(1)) using 0 "&I" by blast
5422      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
5423        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
5424    }
5425  qed
5426
5427  AOT_have Aux_C:  𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
5428  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
5429  AOT_modally_strict {
5430      AOT_assume 0: ¬ψ
5431      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
5432      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5433      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
5434          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5435      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
5436        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5437      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
5438        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
5439      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
5440      ultimately AOT_have ψ using "≡E" "&E" by metis
5441      AOT_thus ψ & ¬ψ using 0 "&I" by blast
5442    }
5443  qed
5444
5445  AOT_have Aux_D: 𝒜z ([F]z  z [F]z & ψ]z)  (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
5446  proof (rule "→I"; rule "Act-Basic:5"[THEN "≡E"(1)])
5447    AOT_assume 𝒜z ([F]z  z [F]z & ψ]z)
5448    AOT_thus 𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x))
5449    proof (rule "RA[3]"[where Γ="{«z ([F]z  z [F]z & ψ]z)»}", simplified, rotated])
5450      AOT_modally_strict {
5451        AOT_assume z ([F]z  z [F]z & ψ]z)
5452        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
5453          apply -
5454        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
5455        AOT_modally_strict {
5456          AOT_assume z ([F]z  z [F]z & ψ]z)
5457          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5458          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
5459          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5460          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "≡E" 1 2 by meson
5461          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5462        }
5463      next
5464        AOT_modally_strict {
5465          AOT_assume z ([F]z  z [F]z & ψ]z)
5466          AOT_hence 1: [F]z  z [F]z & ψ]z for z using "∀E" by blast
5467          AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
5468          AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z using "∀E" by blast
5469          AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z using 1 2 "≡E" by meson
5470          AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x) by (rule GEN)
5471        }
5472      qed
5473      }
5474    qed
5475  qed
5476
5477  AOT_have ¬𝒜q0
5478    apply (rule "=dfI"(2)[OF q0_def])
5479     apply (fact "log-prop-prop:2")
5480    by (fact AOT)
5481  AOT_hence q0_prop_1: 𝒜¬q0
5482    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5483  {
5484    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
5485    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
5486      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
5487    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
5488      using Aux_C[THEN "→E", OF q0_prop_1].
5489    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
5490      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
5491    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) & x([F]x  z [F]z & q0  ¬q0]x) using 2 "&I" by blast
5492    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5493      by (rule "∃I"(1)) "cqt:2[lambda]"
5494  }
5495  moreover {
5496    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
5497    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
5498      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5499    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
5500      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
5501    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5502      by (rule "∃I"(1)) "cqt:2[lambda]"
5503  }
5504  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
5505    using "∨E"(1)[OF "exc-mid"] "→I" by blast
5506qed
5507
5508AOT_theorem "oa-contingent:1": O!  A!
5509proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
5510  fix x
5511  AOT_assume 1: O! = A!
5512  AOT_hence x E!x] = A!
5513    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5514  AOT_hence x E!x] = x ¬E!x]
5515    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5516  moreover AOT_have x E!x]x  E!x
5517    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5518  ultimately AOT_have x ¬E!x]x  E!x
5519    using "rule=E" by fast
5520  moreover AOT_have x ¬E!x]x  ¬E!x
5521    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5522  ultimately AOT_have E!x  ¬E!x using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
5523  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)" using "oth-class-taut:3:c" "&I" by blast
5524qed
5525
5526AOT_theorem "oa-contingent:2": O!x  ¬A!x
5527proof -
5528  AOT_have O!x  x E!x]x
5529    apply (rule "≡I"; rule "→I")
5530     apply (rule "=dfE"(2)[OF AOT_ordinary])
5531      apply "cqt:2[lambda]"
5532     apply argo
5533    apply (rule  "=dfI"(2)[OF AOT_ordinary])
5534     apply "cqt:2[lambda]"
5535    by argo
5536  also AOT_have   E!x
5537    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5538  also AOT_have   ¬¬E!x
5539    using "oth-class-taut:3:b".
5540  also AOT_have   ¬x ¬E!x]x
5541    by (rule "beta-C-meta"[THEN "→E", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric]) "cqt:2[lambda]"
5542  also AOT_have   ¬A!x
5543    apply (rule "≡I"; rule "→I")
5544     apply (rule "=dfI"(2)[OF AOT_abstract])
5545      apply "cqt:2[lambda]"
5546     apply argo
5547    apply (rule "=dfE"(2)[OF AOT_abstract])
5548     apply "cqt:2[lambda]"
5549    by argo
5550  finally show ?thesis.
5551qed
5552
5553AOT_theorem "oa-contingent:3": A!x  ¬O!x
5554  by (AOT_subst A!x ¬¬A!x)
5555     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
5556
5557AOT_theorem "oa-contingent:4": Contingent(O!)
5558proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)]; rule "&I")
5559  AOT_have x E!x using "thm-cont-e:3" .
5560  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5561  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5562  AOT_hence x E!x]a
5563    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5564  AOT_hence O!a
5565    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5566  AOT_hence x O!x using "∃I" by blast
5567  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
5568next
5569  AOT_obtain a where A!a
5570    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5571  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
5572  AOT_hence x ¬O!x using "∃I" by fast
5573  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
5574qed
5575
5576AOT_theorem "oa-contingent:5": Contingent(A!)
5577proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)]; rule "&I")
5578  AOT_obtain a where A!a
5579    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5580  AOT_hence x A!x using "∃I" by fast
5581  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
5582next
5583  AOT_have x E!x using "thm-cont-e:3" .
5584  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
5585  then AOT_obtain a where E!a using "∃E"[rotated] by blast
5586  AOT_hence x E!x]a
5587    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
5588  AOT_hence O!a
5589    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
5590  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
5591  AOT_hence x ¬A!x using "∃I" by fast
5592  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
5593qed
5594
5595AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
5596proof -
5597  AOT_have O!x  ¬A!x
5598    using "oa-contingent:2" by blast
5599  also AOT_have   A!-x
5600    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
5601  finally AOT_have 1: O!x  A!-x.
5602
5603  AOT_have A!x  ¬O!x
5604    using "oa-contingent:3" by blast
5605  also AOT_have   O!-x
5606    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
5607  finally AOT_have 2: A!x  O!-x.
5608
5609  AOT_show O!-x  ¬A!-x
5610    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]] "oa-contingent:3"[of _ x] 2[symmetric]
5611          "≡E"(5) by blast
5612qed
5613
5614AOT_theorem "oa-contingent:6": O!-  A!-
5615proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5616  AOT_assume 1: O!- = A!-
5617  fix x
5618  AOT_have A!-x  O!-x
5619    apply (rule "rule=E"[rotated, OF 1]) by (fact "oth-class-taut:3:a")
5620  AOT_hence A!-x  ¬A!-x
5621    using "oa-contingent:7" "≡E" by fast
5622  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x) using "oth-class-taut:3:c" "&I" by blast
5623qed
5624
5625AOT_theorem "oa-contingent:8": Contingent(O!-)
5626  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1), OF "oa-contingent:4"].
5627
5628AOT_theorem "oa-contingent:9": Contingent(A!-)
5629  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1), OF "oa-contingent:5"].
5630
5631AOT_define WeaklyContingent :: ‹Π  φ› ("WeaklyContingent'(_')")
5632  "df-cont-nec": "WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)"
5633
5634AOT_theorem "cont-nec-fact1:1": WeaklyContingent([F])  WeaklyContingent([F]-)
5635proof -
5636  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
5637    using "df-cont-nec"[THEN "≡Df"] by blast
5638  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
5639    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
5640    using "thm-cont-prop:3".
5641  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
5642  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)]; rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
5643    fix x
5644    AOT_assume 0: x ([F]x  [F]x)
5645    AOT_assume 1: [F]-x
5646    AOT_have ¬[F]x
5647      by (AOT_subst (reverse) ¬[F]x [F]-x)
5648         (auto simp add: "thm-relation-negation:1" 1)
5649    AOT_hence 2: ¬[F]x
5650      using "KBasic:11"[THEN "≡E"(2)] by blast
5651    AOT_show [F]-x
5652    proof (rule "raa-cor:1")
5653      AOT_assume 3: ¬[F]-x
5654      AOT_have ¬¬[F]x
5655        by (AOT_subst (reverse) ¬[F]x [F]-x)
5656           (auto simp add: "thm-relation-negation:1" 3)
5657      AOT_hence [F]x
5658        using "conventions:5"[THEN "≡dfI"] by simp
5659      AOT_hence [F]x using 0 "∀E" "→E" by fast
5660      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
5661    qed
5662  next
5663    fix x
5664    AOT_assume 0: x ([F]-x  [F]-x)
5665    AOT_assume 1: [F]x
5666    AOT_have ¬[F]-x
5667      by (AOT_subst ¬[F]-x [F]x)
5668         (auto simp: "thm-relation-negation:2" 1)
5669    AOT_hence 2: ¬[F]-x
5670      using "KBasic:11"[THEN "≡E"(2)] by blast
5671    AOT_show [F]x
5672    proof (rule "raa-cor:1")
5673      AOT_assume 3: ¬[F]x
5674      AOT_have ¬¬[F]-x
5675        by (AOT_subst ¬[F]-x [F]x)
5676           (auto simp add: "thm-relation-negation:2" 3)
5677      AOT_hence [F]-x
5678        using "conventions:5"[THEN "≡dfI"] by simp
5679      AOT_hence [F]-x using 0 "∀E" "→E" by fast
5680      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
5681    qed
5682  qed
5683  also AOT_have   WeaklyContingent([F]-)
5684    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
5685  finally show ?thesis.
5686qed
5687
5688AOT_theorem "cont-nec-fact1:2": (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
5689proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5690  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
5691  AOT_hence WeaklyContingent([F]) using "&E" by blast
5692  moreover AOT_assume F = G
5693  ultimately AOT_have WeaklyContingent([G])
5694    using "rule=E" by blast
5695  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
5696    using 1 "&I" "&E" by blast
5697qed
5698
5699AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
5700proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5701  AOT_show Contingent(O!)
5702    using "oa-contingent:4".
5703next
5704  AOT_show x ([O!]x  [O!]x)
5705    apply (rule GEN; rule "→I")
5706    using "oa-facts:5"[THEN "≡E"(1)] by blast
5707qed
5708
5709
5710AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
5711proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
5712  AOT_show Contingent(A!)
5713    using "oa-contingent:5".
5714next
5715  AOT_show x ([A!]x  [A!]x)
5716    apply (rule GEN; rule "→I")
5717    using "oa-facts:6"[THEN "≡E"(1)] by blast
5718qed
5719
5720AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
5721proof (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5722       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
5723  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
5724  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
5725  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
5726  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
5727  moreover AOT_assume x ([E!]x  [E!]x)
5728  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
5729  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
5730  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
5731  moreover AOT_have ¬𝒜E!a using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
5732  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
5733  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5734qed
5735
5736AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
5737  apply (rule "df-cont-nec"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)];
5738       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
5739  apply (rule "contingent-properties:4"[THEN "≡Df", THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5740  apply (rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "useful-tautologies:2"[THEN "→E"])
5741  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
5742
5743(* TODO: cleanup *)
5744AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
5745proof -
5746  AOT_have 1: L
5747    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5748  {
5749    fix φ and Π Π' :: <κ>
5750    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5751    proof (rule "raa-cor:2")
5752      AOT_assume φ{Π'}  φ{Π}
5753      AOT_hence φ{Π'} using that(1) "≡E" by blast
5754      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5755    qed
5756    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5757      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5758  } note 0 = this
5759  show ?thesis
5760    apply(safe intro!: "&I"; rule 0)
5761    using "cqt:2[concrete]"[axiom_inst] apply blast
5762    using "oa-exist:1" apply blast
5763    using "cont-nec-fact2:3" apply fast
5764    apply (rule "useful-tautologies:2"[THEN "→E"])
5765    using "cont-nec-fact2:1" apply fast
5766    using "rel-neg-T:3" apply fast
5767    using "oa-exist:1" apply blast
5768    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5769    apply (rule "useful-tautologies:2"[THEN "→E"])
5770    using "cont-nec-fact2:1" apply blast
5771    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5772    using "oa-exist:1" apply fast
5773    using "cont-nec-fact2:4" apply fast
5774    apply (rule "useful-tautologies:2"[THEN "→E"])
5775    using "cont-nec-fact2:1" apply fast
5776    using "rel-neg-T:3" apply fast
5777    using "oa-exist:1" apply fast
5778    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5779    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5780    apply (rule "useful-tautologies:2"[THEN "→E"])
5781    using "cont-nec-fact2:1" by blast
5782qed
5783
5784(* TODO: cleanup together with above *)
5785AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
5786proof -
5787  AOT_have 1: L
5788    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5789  {
5790    fix φ and Π Π' :: <κ>
5791    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
5792    proof (rule "raa-cor:2")
5793      AOT_assume φ{Π'}  φ{Π}
5794      AOT_hence φ{Π'} using that(1) "≡E" by blast
5795      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
5796    qed
5797    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
5798      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E", OF that(1,2), OF A[OF that(3, 4)]].
5799  } note 0 = this
5800  show ?thesis
5801    apply(safe intro!: "&I"; rule 0)
5802    using "cqt:2[concrete]"[axiom_inst] apply blast
5803    using "oa-exist:2" apply blast
5804    using "cont-nec-fact2:3" apply fast
5805    apply (rule "useful-tautologies:2"[THEN "→E"])
5806    using "cont-nec-fact2:2" apply fast
5807    using "rel-neg-T:3" apply fast
5808    using "oa-exist:2" apply blast
5809    using "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:3", OF "cqt:2[concrete]"[axiom_inst]] apply fast
5810    apply (rule "useful-tautologies:2"[THEN "→E"])
5811    using "cont-nec-fact2:2" apply blast
5812    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5813    using "oa-exist:2" apply fast
5814    using "cont-nec-fact2:4" apply fast
5815    apply (rule "useful-tautologies:2"[THEN "→E"])
5816    using "cont-nec-fact2:2" apply fast
5817    using "rel-neg-T:3" apply fast
5818    using "oa-exist:2" apply fast
5819    apply (rule "cont-nec-fact1:1"[unvarify F, THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
5820    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
5821    apply (rule "useful-tautologies:2"[THEN "→E"])
5822    using "cont-nec-fact2:2" by blast
5823qed
5824
5825AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
5826  Δp df p  (¬𝒜p & p)
5827
5828AOT_theorem sixteen:
5829 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
5830«F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 & F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 & F1  F14 & F1  F15 & F1  F16 &
5831F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 & F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 & F2  F15 & F2  F16 &
5832F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 & F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
5833F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 & F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
5834F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 & F5  F13 & F5  F14 & F5  F15 & F5  F16 &
5835F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 & F6  F14 & F6  F15 & F6  F16 &
5836F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 & F7  F15 & F7  F16 &
5837F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 & F8  F16 &
5838F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
5839F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
5840F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
5841F12  F13 & F12  F14 & F12  F15 & F12  F16 &
5842F13  F14 & F13  F15 & F13  F16 &
5843F14  F15 & F14  F16 &
5844F15  F16) 
5845proof -
5846
5847  AOT_have Delta_pos: Δφ  φ for φ
5848  proof(rule "→I")
5849    AOT_assume Δφ
5850    AOT_hence φ  (¬𝒜φ & φ)
5851      using "≡dfE"[OF necessary_or_contingently_false] by blast
5852    moreover {
5853      AOT_assume φ
5854      AOT_hence φ
5855        by (metis "B◇" "T◇" "vdash-properties:10")
5856    }
5857    moreover {
5858      AOT_assume ¬𝒜φ & φ
5859      AOT_hence φ
5860        using "&E" by blast
5861    }
5862    ultimately AOT_show φ
5863      by (metis "∨E"(2) "raa-cor:1") 
5864  qed
5865
5866  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5867    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false "raa-cor:3" that(1) that(2) by blast
5868  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
5869    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1) that(2) by blast
5870  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
5871    using Delta_pos "modus-tollens:1" that by blast
5872  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
5873    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1) that(2))
5874  AOT_have nec_delta: Δφ if φ for φ
5875    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
5876
5877  AOT_obtain a where a_prop: A!a
5878    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
5879  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
5880    using "pos-not-pna:3" using "∃E"[rotated] by blast
5881
5882  AOT_have b_ord: [O!]b
5883  proof(rule "=dfI"(2)[OF AOT_ordinary])
5884    AOT_show x [E!]x] by "cqt:2[lambda]"
5885  next
5886    AOT_show x [E!]x]b
5887    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
5888      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
5889      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
5890    qed
5891  qed
5892
5893  AOT_have nec_not_L_neg: ¬[L-]x for x
5894    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
5895          CBF[THEN "→E"] "∀E" by blast
5896  AOT_have nec_L: [L]x for x
5897    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
5898      CBF[THEN "→E"] "∀E" by blast
5899
5900  AOT_have act_ord_b: 𝒜[O!]b
5901    using b_ord "≡E"(1) "oa-facts:7" by blast
5902  AOT_have delta_ord_b: Δ[O!]b
5903    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false "oa-facts:1" "vdash-properties:10")
5904  AOT_have not_act_ord_a: ¬𝒜[O!]a
5905    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
5906  AOT_have not_delta_ord_a: ¬Δ[O!]a
5907    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "reductio-aa:1" "vdash-properties:10")
5908
5909  AOT_have not_act_abs_b: ¬𝒜[A!]b
5910    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
5911  AOT_have not_delta_abs_b: ¬Δ[A!]b
5912  proof(rule "raa-cor:2")
5913    AOT_assume Δ[A!]b
5914    AOT_hence [A!]b
5915      by (metis Delta_pos "vdash-properties:10")
5916    AOT_thus [A!]b & ¬[A!]b
5917      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2" "oa-facts:4" "vdash-properties:10")
5918  qed
5919  AOT_have act_abs_a: 𝒜[A!]a
5920    using a_prop "≡E"(1) "oa-facts:8" by blast
5921  AOT_have delta_abs_a: Δ[A!]a
5922      by (metis "≡dfI" a_prop "oa-facts:2" "vdash-properties:10" "∨I"(1) necessary_or_contingently_false)
5923
5924  AOT_have not_act_concrete_b: ¬𝒜[E!]b
5925    using b_prop "&E"(2) by blast
5926  AOT_have delta_concrete_b: Δ[E!]b
5927  proof (rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5928    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
5929  next
5930    AOT_show [E!]b using b_prop "&E"(1) by blast
5931  qed
5932  AOT_have not_act_concrete_a: ¬𝒜[E!]a
5933  proof (rule "raa-cor:2")
5934    AOT_assume 𝒜[E!]a
5935    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "vdash-properties:10")
5936    AOT_have [A!]a by (simp add: a_prop)
5937    AOT_hence x ¬[E!]x]a
5938      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5939    AOT_hence ¬[E!]a using "β→C"(1) by blast
5940    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5941  qed
5942  AOT_have not_delta_concrete_a: ¬Δ[E!]a
5943  proof (rule "raa-cor:2")
5944    AOT_assume Δ[E!]a
5945    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
5946    AOT_have [A!]a by (simp add: a_prop)
5947    AOT_hence x ¬[E!]x]a
5948      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
5949    AOT_hence ¬[E!]a using "β→C"(1) by blast
5950    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
5951  qed
5952
5953  AOT_have not_act_q_zero: ¬𝒜q0
5954    by (meson "log-prop-prop:2" "pos-not-pna:1" q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
5955  AOT_have delta_q_zero: Δq0
5956  proof(rule "≡dfI"[OF necessary_or_contingently_false]; rule "∨I"(2); rule "&I")
5957    AOT_show ¬𝒜q0 using not_act_q_zero.
5958    AOT_show q0 by (meson "&E"(1) q0_prop)
5959  qed
5960  AOT_have act_not_q_zero: 𝒜¬q0 using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
5961  AOT_have not_delta_not_q_zero: ¬Δ¬q0
5962      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
5963
5964  AOT_have [L-] by (simp add: "rel-neg-T:3")
5965  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
5966  proof (safe intro!: "&I")
5967    AOT_show ¬𝒜[L-]b by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5968    AOT_show ¬Δ[L-]b by (meson Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg)
5969    AOT_show ¬𝒜[L-]a by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act" nec_not_L_neg "→E")
5970    AOT_show ¬Δ[L-]a using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1" nec_not_L_neg by blast
5971  qed
5972  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
5973    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
5974  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
5975    using "&E" by blast+
5976  note props = this
5977
5978  let  = "«y [A!]y & q0]»"
5979  AOT_modally_strict {
5980    AOT_have [«»] by "cqt:2[lambda]"
5981  } note 1 = this
5982  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
5983  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
5984    AOT_show ¬𝒜([A!]b & q0)
5985      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
5986  next AOT_show ¬Δ([A!]b & q0)
5987      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b "oa-facts:4" "oa-facts:8" "raa-cor:3" "vdash-properties:10")
5988  next AOT_show ¬𝒜([A!]a & q0)
5989      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero "raa-cor:3" by blast
5990  next AOT_show Δ([A!]a & q0)
5991    proof (rule not_act_and_pos_delta)
5992      AOT_show ¬𝒜([A!]a & q0)
5993        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero "raa-cor:3" by blast
5994    next AOT_show ([A!]a & q0)
5995        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a "≡E"(1) "oa-facts:6" q0_prop)
5996    qed
5997  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
5998  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
5999    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6000  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
6001    using "&E" by blast+
6002  note props = props this
6003
6004  let  = "«y [A!]y & ¬q0]»"
6005  AOT_modally_strict {
6006    AOT_have [«»] by "cqt:2[lambda]"
6007  } note 1 = this
6008  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6009  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
6010    AOT_show ¬𝒜([A!]b & ¬q0)
6011      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6012  next AOT_show ¬Δ([A!]b & ¬q0)
6013      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
6014  next AOT_show 𝒜([A!]a & ¬q0)
6015      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6016  next AOT_show ¬Δ([A!]a & ¬q0)
6017    proof (rule act_and_not_nec_not_delta)
6018      AOT_show 𝒜([A!]a & ¬q0)
6019        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:3")
6020    next
6021      AOT_show ¬([A!]a & ¬q0)
6022        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4) q0_prop "raa-cor:3")
6023    qed
6024  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6025  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
6026    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6027  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
6028    using "&E" by blast+
6029  note props = props this
6030
6031  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
6032    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b by presburger
6033  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
6034    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
6035  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
6036    using "&E" by blast+
6037  note props = props this
6038
6039  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
6040    by (meson "&I" delta_concrete_b not_act_concrete_a not_act_concrete_b not_delta_concrete_a)
6041  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
6042    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6043  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
6044    using "&E" by blast+
6045  note props = props this
6046
6047  AOT_modally_strict {
6048    AOT_have y q0] by "cqt:2[lambda]"
6049  } note 1 = this
6050  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
6051    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
6052       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
6053  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
6054    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6055  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
6056    using "&E" by blast+
6057  note props = props this
6058
6059  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
6060  AOT_modally_strict {
6061    AOT_have [«»] by "cqt:2[lambda]"
6062  } note 1 = this
6063  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6064  proof(safe intro!: "&I"; AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
6065    AOT_have 𝒜¬([A!]b & ¬q0)
6066      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
6067                "≡E"(1) "raa-cor:3")
6068    moreover AOT_have ¬𝒜[E!]b
6069      using b_prop "&E"(2) by blast
6070    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
6071      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
6072    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
6073      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
6074         (auto simp: "oth-class-taut:5:d" 2)
6075    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
6076      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
6077  next
6078    AOT_show Δ([E!]b  ([A!]b & ¬q0))
6079    proof (rule not_act_and_pos_delta)
6080      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
6081        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "Conjunction Simplification"(1) "≡E"(4) "modus-tollens:1" not_act_abs_b not_act_concrete_b "raa-cor:3")
6082    next
6083      AOT_show ([E!]b  ([A!]b & ¬q0))
6084        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6085    qed
6086  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6087      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6088  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
6089    proof (rule act_and_not_nec_not_delta)
6090      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
6091        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I" "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
6092    next
6093      AOT_have ¬[E!]a
6094        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2) necessary_or_contingently_false not_act_concrete_a not_delta_concrete_a "raa-cor:3")
6095      moreover AOT_have ¬([A!]a & ¬q0)
6096        by (metis "KBasic2:1" "KBasic:11" "KBasic:3" "&E"(1) "&E"(2) "≡E"(1) q0_prop "raa-cor:3")
6097      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0)) by (metis "KBasic:16" "&I" "vdash-properties:10")
6098      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
6099        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
6100      AOT_thus ¬([E!]a  ([A!]a & ¬q0)) by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
6101    qed
6102  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6103  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
6104    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6105  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
6106    using "&E" by blast+
6107  note props = props this
6108
6109  let  = "«y [A!]y  [E!]y]»"
6110  AOT_modally_strict {
6111    AOT_have [«»] by "cqt:2[lambda]"
6112  } note 1 = this
6113  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
6114  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
6115    AOT_show ¬𝒜([A!]b  [E!]b)
6116      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6117  next AOT_show Δ([A!]b  [E!]b)
6118    proof (rule not_act_and_pos_delta)
6119      AOT_show ¬𝒜([A!]b  [E!]b)
6120        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b not_act_concrete_b "raa-cor:3" by blast
6121    next AOT_show ([A!]b  [E!]b)
6122        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
6123    qed
6124  next AOT_show 𝒜([A!]a  [E!]a)
6125      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
6126  next AOT_show Δ([A!]a  [E!]a)
6127    proof (rule nec_delta)
6128      AOT_show ([A!]a  [E!]a)
6129        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "vdash-properties:10")
6130    qed
6131  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6132  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
6133    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6134  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
6135    using "&E" by blast+
6136  note props = props this
6137
6138  let  = "«y [O!]y & ¬[E!]y]»"
6139  AOT_modally_strict {
6140    AOT_have [«»] by "cqt:2[lambda]"
6141  } note 1 = this
6142  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
6143  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
6144    AOT_show 𝒜([O!]b & ¬[E!]b)
6145      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:3")
6146  next AOT_show ¬Δ([O!]b & ¬[E!]b)
6147      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1" act_and_not_nec_not_delta "act-conj-act:3"
6148                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2) "df-rules-formulas[3]"
6149                "≡E"(3) "raa-cor:1" "→E")
6150  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
6151      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
6152  next AOT_have ¬([O!]a & ¬[E!]a)
6153      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7" "raa-cor:3" "vdash-properties:10")
6154    AOT_thus ¬Δ([O!]a & ¬[E!]a)
6155      by (rule impossible_delta)
6156  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6157  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
6158    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6159  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
6160    using "&E" by blast+
6161  note props = props this
6162
6163  (* TODO_PLM: binary property 9 wrong in PLM *)
6164  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
6165  AOT_modally_strict {
6166    AOT_have [«»] by "cqt:2[lambda]"
6167  } note 1 = this
6168  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6169  proof(safe intro!: "&I"; AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
6170    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6171      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6172                "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6173  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
6174    proof (rule act_and_pos_not_not_delta)
6175      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
6176        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I" "∨I"(1)
6177                  "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
6178    next
6179      AOT_show ¬(¬[E!]b & ([O!]b  q0))
6180      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
6181        AOT_modally_strict {
6182          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
6183            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2) "∨E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
6184        }
6185      next
6186        AOT_show ([E!]b  ¬([O!]b  q0))
6187          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
6188       qed
6189     qed
6190   next
6191     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6192       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
6193   next
6194     AOT_show Δ(¬[E!]a & ([O!]a  q0))
6195     proof (rule not_act_and_pos_delta)
6196       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
6197         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1) not_act_ord_a not_act_q_zero "reductio-aa:2")
6198     next
6199       AOT_have ¬[E!]a
6200         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "raa-cor:5" by blast
6201       moreover AOT_have ([O!]a  q0)
6202         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
6203       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
6204         by (metis "KBasic:16" "&I" "vdash-properties:10")
6205     qed
6206   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
6207  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
6208    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6209  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
6210    using "&E" by blast+
6211  note props = props this
6212
6213  AOT_modally_strict {
6214    AOT_have y ¬q0] by "cqt:2[lambda]"
6215  } note 1 = this
6216  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
6217    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
6218       (auto simp: act_not_q_zero not_delta_not_q_zero "beta-C-meta"[THEN "→E", OF 1])
6219  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
6220    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6221  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
6222    using "&E" by blast+
6223  note props = props this
6224
6225  AOT_modally_strict {
6226    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
6227  } note 1 = this
6228  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b & 𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
6229  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
6230    AOT_show 𝒜¬[E!]b
6231      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
6232  next AOT_show ¬Δ¬[E!]b
6233      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
6234  next AOT_show 𝒜¬[E!]a
6235      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
6236  next AOT_show Δ¬[E!]a
6237      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta not_act_concrete_a not_delta_concrete_a "reductio-aa:1" by blast
6238  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6239  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
6240    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6241  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
6242    using "&E" by blast+
6243  note props = props this
6244
6245  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
6246    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
6247  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
6248    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6249  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
6250    using "&E" by blast+
6251  note props = props this
6252
6253  let  = "«y [O!]y  q0]»"
6254  AOT_modally_strict {
6255    AOT_have [«»] by "cqt:2[lambda]"
6256  } note 1 = this
6257  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6258  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
6259    AOT_show 𝒜([O!]b  q0)
6260      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
6261  next AOT_show Δ([O!]b  q0)
6262      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6263  next AOT_show ¬𝒜([O!]a  q0)
6264      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6265  next AOT_show Δ([O!]a  q0)
6266    proof (rule not_act_and_pos_delta)
6267      AOT_show ¬𝒜([O!]a  q0)
6268        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a not_act_q_zero "raa-cor:3" by blast
6269    next AOT_show ([O!]a  q0)
6270        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
6271    qed
6272  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6273  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
6274    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6275  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
6276    using "&E" by blast+
6277  note props = props this
6278
6279  let  = "«y [O!]y  ¬q0]»"
6280  AOT_modally_strict {
6281     AOT_have [«»] by "cqt:2[lambda]"
6282  } note 1 = this
6283  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
6284  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
6285    AOT_show 𝒜([O!]b  ¬q0)
6286      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6287  next AOT_show Δ([O!]b  ¬q0)
6288      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "vdash-properties:10")
6289  next AOT_show 𝒜([O!]a  ¬q0)
6290      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6291  next AOT_show ¬Δ([O!]a  ¬q0)
6292    proof(rule act_and_pos_not_not_delta)
6293      AOT_show 𝒜([O!]a  ¬q0)
6294        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
6295    next
6296      AOT_have ¬[O!]a
6297        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
6298      moreover AOT_have q0
6299        by (meson "&E"(1) q0_prop)
6300      ultimately AOT_have 2: (¬[O!]a & q0)
6301         by (metis "KBasic:16" "&I" "vdash-properties:10")
6302      AOT_show ¬([O!]a  ¬q0)
6303      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
6304        AOT_modally_strict {
6305          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
6306            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
6307                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
6308        }
6309      next
6310        AOT_show (¬[O!]a & q0)
6311          using "2" by blast
6312      qed
6313    qed
6314  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
6315  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
6316    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6317  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
6318    using "&E" by blast+
6319  note props = props this
6320
6321  AOT_have [L]
6322    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6323  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
6324  proof (safe intro!: "&I")
6325    AOT_show 𝒜[L]b
6326      by (meson nec_L "nec-imp-act" "vdash-properties:10")
6327    next AOT_show Δ[L]b using nec_L nec_delta by blast
6328    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "vdash-properties:10")
6329    next AOT_show Δ[L]a using nec_L nec_delta by blast
6330  qed
6331  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
6332    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6333  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
6334    using "&E" by blast+
6335  note props = props this
6336
6337  show ?thesis
6338    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1]; rule "∃I"(2)[where β=F2];
6339           rule "∃I"(2)[where β=F3]; rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
6340           rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7]; rule "∃I"(2)[where β=F8];
6341           rule "∃I"(2)[where β=F9]; rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
6342           rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13]; rule "∃I"(2)[where β=F14];
6343           rule "∃I"(2)[where β=F15]; safe intro!: "&I")
6344       (match conclusion in "[?v  [F]  [G]]" for F G  6345        match props in A: "[?v  ¬φ{F}]" for φ 6346        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 6347        match props in B: "[?v  φ{G}]" 6348        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
6349                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
6350                                OF "Disjunction Addition"(2)[THEN "→E"],
6351                                OF "&I", OF A, OF B]››››)+
6352qed
6353
6354AOT_theorem "o-objects-exist:1": x O!x
6355proof(rule RN)
6356  AOT_modally_strict {
6357    AOT_obtain a where (E!a & ¬𝒜[E!]a)
6358      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]] by blast
6359    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
6360    AOT_have x [E!]x]a
6361    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6362      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
6363    next
6364      AOT_show E!a by (fact 1)
6365    qed
6366    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6367    AOT_thus x [O!]x by (rule "∃I")
6368  }
6369qed
6370
6371AOT_theorem "o-objects-exist:2": x A!x
6372proof (rule RN)
6373  AOT_modally_strict {
6374    AOT_obtain a where [A!]a
6375      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6376    AOT_thus x A!x using "∃I" by blast
6377  }
6378qed
6379
6380AOT_theorem "o-objects-exist:3": ¬x O!x
6381  by (rule RN) (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2" "qml:2"[axiom_inst] "reductio-aa:2")
6382
6383AOT_theorem "o-objects-exist:4": ¬x A!x
6384  by (rule RN) (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]" "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2" "qml:2"[axiom_inst] "→E")
6385
6386AOT_theorem "o-objects-exist:5": ¬x E!x
6387proof (rule RN; rule "raa-cor:2")
6388  AOT_modally_strict {
6389    AOT_assume x E!x
6390    moreover AOT_obtain a where abs: A!a
6391      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]] "∃E"[rotated] by blast
6392    ultimately AOT_have E!a using "∀E" by blast
6393    AOT_hence 1: E!a by (metis "T◇" "→E")
6394    AOT_have y E!y]a
6395    proof (rule "β←C"(1); "cqt:2[lambda]"?)
6396      AOT_show a using "cqt:2[const_var]"[axiom_inst].
6397    next
6398      AOT_show E!a by (fact 1)
6399    qed
6400    AOT_hence O!a
6401      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6402    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
6403    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
6404  }
6405qed
6406
6407AOT_theorem partition: ¬x (O!x & A!x)
6408proof(rule "raa-cor:2")
6409  AOT_assume x (O!x & A!x)
6410  then AOT_obtain a where O!a & A!a using "∃E"[rotated] by blast
6411  AOT_thus p & ¬p for p by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1) "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
6412qed
6413
6414AOT_define eq_E :: ‹Π› ("'(=E')") "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
6415
6416syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
6417translations
6418  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
6419(* TODO: try to replace by a simple translations pattern *)
6420print_translation6421AOT_syntax_print_translations
6422[(const_syntax‹AOT_exe›, fn ctxt => fn [
6423  Const ("constAOT_PLM.eq_E", _),
6424  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6425] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
6426
6427text‹Note: Not explicitly mentioned as theorem in PLM.›
6428AOT_theorem "=E[denotes]": [(=E)]
6429  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
6430
6431AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
6432proof -
6433  (* TODO: rethink the product hacks *)
6434  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6435    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6436  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2[lambda]"
6437  show ?thesis apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
6438    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(AOT_term_of_var x,AOT_term_of_var y)", OF 0]
6439    by fast
6440qed
6441
6442AOT_theorem "=E-simple:2": x =E y  x = y
6443proof (rule "→I")
6444  AOT_assume x =E y
6445  AOT_hence O!x & O!y & F ([F]x  [F]y) using "=E-simple:1"[THEN "≡E"(1)] by blast
6446  AOT_thus x = y
6447    using "≡dfI"[OF "identity:1"] "∨I" by blast
6448qed
6449
6450AOT_theorem "id-nec3:1": x =E y  (x =E y)
6451proof (rule "≡I"; rule "→I")
6452  AOT_assume x =E y
6453  AOT_hence O!x & O!y & F ([F]x  [F]y)
6454    using "=E-simple:1" "≡E" by blast
6455  AOT_hence O!x & O!y & F ([F]x  [F]y)
6456    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4) "oa-facts:1" "raa-cor:3" "vdash-properties:10")
6457  AOT_hence (O!x & O!y & F ([F]x  [F]y))
6458    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
6459  AOT_thus (x =E y)
6460    using "=E-simple:1"
6461    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
6462next
6463  AOT_assume (x =E y)
6464  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
6465qed
6466
6467AOT_theorem "id-nec3:2": (x =E y)  x =E y
6468  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1) "≡E"(5) "Commutativity of ≡")
6469
6470AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
6471  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
6472
6473syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
6474translations
6475  (Π) "(≠E)" == (Π) "(=E)-"
6476syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
6477translations
6478 "_AOT_non_eq_E_infix κ κ'" == "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
6479(* TODO: try replacing be a simple translations pattern *)
6480print_translation6481AOT_syntax_print_translations
6482[(const_syntax‹AOT_exe›, fn ctxt => fn [
6483  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
6484  Const (const_syntax‹Pair›, _) $ lhs $ rhs
6485] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
6486AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
6487proof -
6488  (* TODO: rethink the product hacks *)
6489  AOT_have 0: «(AOT_term_of_var x,AOT_term_of_var y)»
6490    by (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6491  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2[lambda]" (* TODO_PLM: convoluted proof in PLM; TODO: product hack *)
6492  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
6493    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
6494       (meson "oth-class-taut:3:a")
6495  also AOT_have   ¬(=E)xy
6496    apply (rule "beta-C-meta"[THEN "→E", unvarify ν1νn])
6497     apply "cqt:2[lambda]"
6498    by (fact 0)
6499  finally show ?thesis.
6500qed
6501
6502AOT_theorem "id-nec4:1": x E y  (x E y)
6503proof -
6504  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
6505  also AOT_have   ¬(x =E y)
6506    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
6507  also AOT_have   ¬(x =E y)
6508    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
6509  also AOT_have   (x E y)
6510    by (AOT_subst (reverse) ¬(x =E y) x E y)
6511       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
6512  finally show ?thesis.
6513qed
6514
6515AOT_theorem "id-nec4:2": (x E y)  (x E y)
6516  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2) "≡E"(5) "Commutativity of ≡")
6517
6518AOT_theorem "id-nec4:3": (x E y)  (x E y)
6519  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
6520
6521AOT_theorem "id-act2:1": x =E y  𝒜x =E y
6522  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1) "≡E"(6))
6523AOT_theorem "id-act2:2": x E y  𝒜x E y
6524  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1) "≡E"(6))
6525
6526AOT_theorem "ord=Eequiv:1": O!x  x =E x
6527proof (rule "→I")
6528  AOT_assume 1: O!x
6529  AOT_show x =E x
6530    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
6531    apply (rule "β←C"(1))
6532      apply "cqt:2[lambda]"
6533     apply (simp add: "&I" "cqt:2[const_var]" prod_denotesI "vdash-properties:1[2]")
6534    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
6535qed
6536
6537AOT_theorem "ord=Eequiv:2": x =E y  y =E x
6538proof(rule CP)
6539  AOT_assume 1: x =E y
6540  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
6541  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
6542  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
6543  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
6544qed
6545
6546AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
6547proof (rule CP)
6548  AOT_assume 1: x =E y & y =E z
6549  AOT_hence x = y & y = z
6550    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
6551  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
6552  moreover AOT_have x =E x
6553    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1) "ord=Eequiv:1" "→E" by blast
6554  ultimately AOT_show x =E z
6555    using "rule=E" by fast
6556qed
6557
6558AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
6559proof(rule CP)
6560  AOT_assume O!x  O!y
6561  moreover {
6562    AOT_assume O!x
6563    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
6564    moreover {
6565      AOT_modally_strict {
6566        AOT_have O!x  (x = y  x =E y)
6567        proof (rule "→I"; rule "≡I"; rule "→I")
6568          AOT_assume O!x
6569          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
6570          moreover AOT_assume x = y
6571          ultimately AOT_show x =E y using "rule=E" by fast
6572        next
6573          AOT_assume x =E y
6574          AOT_thus x = y by (metis "=E-simple:2" "→E")
6575        qed
6576      }
6577      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
6578    }
6579    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6580  }
6581  moreover {
6582    AOT_assume O!y
6583    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
6584    moreover {
6585      AOT_modally_strict {
6586        AOT_have O!y  (x = y  x =E y)
6587        proof (rule "→I"; rule "≡I"; rule "→I")
6588          AOT_assume O!y
6589          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
6590          moreover AOT_assume x = y
6591          ultimately AOT_show x =E y using "rule=E" id_sym by fast
6592        next
6593          AOT_assume x =E y
6594          AOT_thus x = y by (metis "=E-simple:2" "→E")
6595        qed
6596      }
6597      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
6598    }
6599    ultimately AOT_have (x = y  x =E y) using "→E" by blast
6600  }
6601  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
6602qed
6603
6604AOT_theorem "ord-=E=:2": O!y  x x = y]
6605proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
6606  AOT_show x x =E y] by "cqt:2[lambda]"
6607next
6608  AOT_assume O!y
6609  AOT_hence 1: (x = y  x =E y) for x using "ord-=E=:1" "→E" "∨I" by blast
6610  AOT_have (x =E y  x = y) for x
6611    by (AOT_subst x =E y  x = y x = y  x =E y)
6612       (auto simp add: "Commutativity of ≡" 1)
6613  AOT_hence x (x =E y  x = y) by (rule GEN)
6614  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
6615qed
6616
6617
6618AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
6619proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
6620  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
6621next
6622  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
6623  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
6624    AOT_modally_strict {
6625      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
6626        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
6627                  "modus-tollens:1" "raa-cor:1" that)
6628    }
6629  next
6630    AOT_modally_strict {
6631      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
6632        apply(safe intro!: "&I")
6633          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
6634         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
6635        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
6636              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]] by fast
6637    }
6638  qed
6639qed
6640
6641AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
6642proof(rule "→I")
6643  AOT_assume F ([F]x  [F]y)
6644  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
6645  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
6646    using "∀E" by blast
6647  moreover AOT_have x F ([F]x  [F]y)]y
6648    apply (rule "β←C"(1))
6649      apply "cqt:2[lambda]"
6650     apply (fact "cqt:2[const_var]"[axiom_inst])
6651    by (simp add: RN GEN "oth-class-taut:3:a")
6652  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
6653  AOT_thus F ([F]x  [F]y)
6654    using "β→C"(1) by blast
6655qed
6656
6657AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
6658proof (rule "→I"; rule "→I")
6659  AOT_assume F ([F]x  [F]y)
6660  AOT_hence F ([F]x  [F]y)
6661    using "ind-nec"[THEN "→E"] by blast
6662  moreover AOT_assume O!x & O!y
6663  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
6664    using "&I" by blast
6665  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
6666qed
6667
6668AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
6669proof (rule "→I"; rule "→I")
6670  AOT_assume O!x & O!y
6671  moreover AOT_assume F ([F]x  [F]y)
6672  ultimately AOT_have x =E y
6673    using "ord=E:1" "→E" by blast
6674  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
6675qed
6676
6677AOT_theorem "ord=E2:1": (O!x & O!y)  (x  y  z z =E x]  z z =E y])
6678proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6679  AOT_assume 0: O!x & O!y
6680  AOT_assume x  y
6681  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6682  AOT_assume z z =E x] = z z =E y]
6683  moreover AOT_have z z =E x]x
6684    apply (rule "β←C"(1))
6685      apply "cqt:2[lambda]"
6686     apply (fact "cqt:2[const_var]"[axiom_inst])
6687    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
6688  ultimately AOT_have z z =E y]x using "rule=E" by fast
6689  AOT_hence x =E y using "β→C"(1) by blast
6690  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
6691  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6692next
6693  AOT_assume z z =E x]  z z =E y]
6694  AOT_hence 0: ¬(z z =E x] = z z =E y]) using "≡dfE"[OF "=-infix"] by blast
6695  AOT_have z z =E x] by "cqt:2[lambda]"
6696  AOT_hence z z =E x] = z z =E x]
6697    by (metis "rule=I:1")
6698  moreover AOT_assume x = y
6699  ultimately AOT_have z z =E x] = z z =E y]
6700    using "rule=E" by fast
6701  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
6702    using 0 "&I" by blast
6703qed
6704
6705AOT_theorem "ord=E2:2": (O!x & O!y)  (x  y  z z = x]  z z = y])
6706proof (rule "→I"; rule "≡I"; rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6707  AOT_assume 0: O!x & O!y
6708  AOT_assume x  y
6709  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
6710  AOT_assume z z = x] = z z = y]
6711  moreover AOT_have z z = x]x
6712    apply (rule "β←C"(1))
6713    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6714     apply (fact "cqt:2[const_var]"[axiom_inst])
6715    by (simp add: "id-eq:1")
6716  ultimately AOT_have z z = y]x using "rule=E" by fast
6717  AOT_hence x = y using "β→C"(1) by blast
6718  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
6719next
6720  AOT_assume 0: O!x & O!y
6721  AOT_assume z z = x]  z z = y]
6722  AOT_hence 1: ¬(z z = x] = z z = y]) using "≡dfE"[OF "=-infix"] by blast
6723  AOT_have z z = x] by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
6724  AOT_hence z z = x] = z z = x]
6725    by (metis "rule=I:1")
6726  moreover AOT_assume x = y
6727  ultimately AOT_have z z = x] = z z = y]
6728    using "rule=E" by fast
6729  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
6730    using 1 "&I" by blast
6731qed
6732
6733AOT_theorem ordnecfail: O!x  ¬F x[F]
6734  by (meson "RM:1" "deduction-theorem" nocoder "oa-facts:1" "vdash-properties:10" "vdash-properties:1[2]")
6735
6736AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
6737proof (rule "→I"; rule "→I")
6738  AOT_assume 1: A!x & A!y
6739  AOT_assume F (x[F]  y[F])
6740  AOT_hence x[F]  y[F] for F using "∀E" by blast
6741  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
6742  AOT_hence F (x[F]  y[F]) by (rule GEN)
6743  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
6744  AOT_thus x = y
6745    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
6746qed
6747
6748AOT_theorem "ab-obey:2": (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
6749proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6750  AOT_assume 1: x = y
6751  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
6752  moreover {
6753    AOT_assume F (x[F] & ¬y[F])
6754    then AOT_obtain F where x[F] & ¬y[F] using "∃E"[rotated] by blast
6755    moreover AOT_have y[F] using calculation[THEN "&E"(1)] 1 "rule=E" by fast
6756    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
6757  }
6758  moreover {
6759    AOT_assume F (y[F] & ¬x[F])
6760    then AOT_obtain F where y[F] & ¬x[F] using "∃E"[rotated] by blast
6761    moreover AOT_have ¬y[F] using calculation[THEN "&E"(2)] 1 "rule=E" by fast
6762    ultimately AOT_have p & ¬p for p by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
6763  }
6764  ultimately AOT_show p & ¬p for p by (metis "∨E"(3) "raa-cor:1")
6765qed
6766
6767AOT_theorem "encoders-are-abstract": F x[F]  A!x
6768  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
6769            "oa-contingent:3" "vdash-properties:1[2]")
6770
6771AOT_theorem "denote=:1": Hx x[H]
6772  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6773
6774AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
6775  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6776
6777AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
6778  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6779
6780AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
6781  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6782
6783AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
6784  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; fact "cqt:2[const_var]"[axiom_inst])
6785
6786AOT_theorem "denote=:3": x x[Π]  H (H = Π)
6787  using "existence:2[1]" "free-thms:1" "≡E"(2) "≡E"(5) "Commutativity of ≡" "≡Df" by blast
6788
6789AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
6790  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
6791
6792AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
6793  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
6794
6795AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
6796  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
6797
6798AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
6799  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
6800
6801AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
6802proof (rule "uniqueness:1"[THEN "≡dfI"])
6803  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
6804    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
6805  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
6806  proof (rule "→I")
6807    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
6808    AOT_hence β[F]  φ{F} for F using "∀E" "&E" by blast
6809    AOT_hence β[F]  a[F] for F
6810      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2) "≡E"(5) "Commutativity of ≡" by fast
6811    AOT_hence F (β[F]  a[F]) by (rule GEN)
6812    AOT_thus β = a
6813      using "ab-obey:1"[THEN "→E", OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]], THEN "→E"] by blast
6814  qed
6815  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
6816  AOT_thus α ([A!]α & F (α[F]  φ{F}) & β ([A!]β & F (β[F]  φ{F})  β = α))
6817    using "∃I" using a_prop "&I" by fast
6818qed
6819
6820AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
6821  using "A-objects!" by fast
6822
6823AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
6824  using "A-objects!" by fast
6825
6826AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
6827  using "A-objects!" by fast
6828
6829AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
6830  using "A-objects!" by fast
6831
6832AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
6833  using "A-objects!" by fast
6834
6835AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
6836  using "A-objects!" by fast
6837
6838AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
6839  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
6840
6841AOT_act_theorem "thm-can-terms2": y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6842  using "y-in:2" by blast
6843
6844AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
6845proof(rule "→I")
6846  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6847  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
6848    using "actual-desc:2"[THEN "→E"] by blast
6849  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
6850  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
6851qed
6852
6853AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6854proof -
6855  AOT_have ιx(A!x & F (x[F]  φ{F}))
6856    by (simp add: "A-descriptions")
6857  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6858    using "y-in:3"[THEN "→E"] by blast
6859  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6860    using "&E" "∀E" by blast
6861qed
6862
6863AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
6864  using "desc-encode:1".
6865
6866AOT_theorem "desc-nec-encode:1": ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6867proof -
6868  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
6869    by (simp add: "A-descriptions")
6870  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) & F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
6871    using "actual-desc:4"[THEN "→E"] by blast
6872  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6873    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
6874  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6875    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
6876  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
6877    using "∀E" by blast
6878  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6879    using "Act-Basic:5" "≡E"(1) by blast
6880  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
6881    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
6882qed
6883
6884AOT_theorem "desc-nec-encode:2": ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
6885  using "desc-nec-encode:1".
6886
6887AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
6888  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
6889     (meson "nec-imp-act" "vdash-properties:10")
6890
6891AOT_theorem "Box-desc-encode:2": φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6892proof(rule CP)
6893  AOT_assume φ{G}
6894  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
6895  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
6896  proof (rule RM; rule "→I")
6897    AOT_modally_strict {
6898      AOT_assume 1: φ{G}
6899      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G] using "Box-desc-encode:1" "→E" by blast
6900      moreover AOT_have φ{G} using 1 by (meson "qml:2" "vdash-properties:10" "vdash-properties:1[2]")
6901      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
6902        using "deduction-theorem" "≡I" by simp
6903    }
6904  qed
6905  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}) using "→E" by blast
6906qed
6907
6908definition rigid_condition where rigid_condition φ  v . [v  α (φ{α}  φ{α})]
6909syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
6910
6911AOT_theorem "strict-can:1[E]": assumes RIGID_CONDITION(φ)
6912  shows α (φ{α}  φ{α})
6913  using assms[unfolded rigid_condition_def] by auto
6914
6915AOT_theorem "strict-can:1[I]":
6916  assumes  α (φ{α}  φ{α})
6917  shows RIGID_CONDITION(φ)
6918  using assms rigid_condition_def by auto
6919
6920AOT_theorem "box-phi-a:1": assumes RIGID_CONDITION(φ)
6921  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
6922proof (rule "→I")
6923  AOT_assume a: A!x & F (x[F]  φ{F})
6924  AOT_hence b: A!x by (metis "Conjunction Simplification"(1) "oa-facts:2" "vdash-properties:10")
6925  AOT_have x[F]  φ{F} for F using a[THEN "&E"(2)] "∀E" by blast
6926  moreover AOT_have (x[F]  x[F]) for F by (meson "pre-en-eq:1[1]" RN)
6927  moreover AOT_have (φ{F}  φ{F}) for F using RN "strict-can:1[E]"[OF assms] "∀E" by blast
6928  ultimately AOT_have (x[F]  φ{F}) for F
6929    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
6930  AOT_hence F (x[F]  φ{F}) by (rule GEN)
6931  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
6932  AOT_thus ([A!]x & F (x[F]  φ{F}))
6933    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
6934qed
6935
6936AOT_theorem "box-phi-a:2": assumes RIGID_CONDITION(φ)
6937  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
6938proof(rule "→I")
6939  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
6940  AOT_hence 𝒜(A!y & F (y[F]  φ{F})) using "actual-desc:2"[THEN "→E"] by fast
6941  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
6942    using "Act-Basic:2" "&E" "≡E"(1) by blast+
6943  AOT_hence F 𝒜(y[F]  φ{F}) by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
6944  AOT_hence 𝒜(y[F]  φ{F}) for F using "∀E" by blast
6945  AOT_hence 𝒜y[F]  𝒜φ{F} for F by (metis "Act-Basic:5" "≡E"(1)) 
6946  AOT_hence y[F]  φ{F} for F
6947    using "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6948    by (metis "en-eq:10[1]" "≡E"(6))
6949  AOT_hence F (y[F]  φ{F}) by (rule GEN)
6950  AOT_thus [A!]y & F (y[F]  φ{F}) using abs "&I" "≡E"(2) "oa-facts:8" by blast
6951qed
6952
6953AOT_theorem "box-phi-a:3": assumes RIGID_CONDITION(φ)
6954  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
6955  using "desc-nec-encode:2"
6956    "sc-eq-fur:2"[THEN "→E", OF "strict-can:1[E]"[OF assms, THEN "∀E"(2)[where β=F], THEN RN]]
6957    "≡E"(5) by blast
6958
6959AOT_define Null :: ‹τ  φ› ("Null'(_')") 
6960  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
6961
6962AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
6963  "df-null-uni:2": Universal(x) df A!x & F x[F]
6964
6965AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
6966proof (rule "uniqueness:1"[THEN "≡dfI"])
6967  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
6968    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
6969  AOT_have a_null: ¬a[F] for F
6970  proof (rule "raa-cor:2")
6971    AOT_assume a[F]
6972    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
6973    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
6974    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
6975  qed
6976  AOT_have Null(a) & β (Null(β)  β = a)
6977  proof (rule "&I")
6978    AOT_have ¬F a[F] using a_null by (metis "instantiation" "reductio-aa:1")
6979    AOT_thus Null(a)
6980      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
6981  next
6982    AOT_show β (Null(β)  β = a)
6983    proof (rule GEN; rule "→I")
6984      fix β
6985      AOT_assume a: Null(β)
6986      AOT_hence ¬F β[F]
6987        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6988      AOT_hence β_null: ¬β[F] for F by (metis "existential:2[const_var]" "reductio-aa:1")
6989      AOT_have F (β[F]  a[F])
6990        apply (rule GEN; rule "≡I"; rule CP)
6991        using "raa-cor:3" β_null a_null by blast+
6992      moreover AOT_have A!β using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
6993      ultimately AOT_show β = a
6994        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" by blast
6995    qed
6996  qed
6997  AOT_thus α (Null(α) & β (Null(β)  β = α)) using "∃I"(2) by fast
6998qed
6999
7000AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
7001proof (rule "uniqueness:1"[THEN "≡dfI"])
7002  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
7003    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7004  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
7005  AOT_hence Universal(a)
7006    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
7007  moreover AOT_have β (Universal(β)  β = a)
7008  proof (rule GEN; rule "→I")
7009    fix β
7010    AOT_assume Universal(β)
7011    AOT_hence abs_β: A!β and β[F] for F using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
7012    AOT_hence β[F]  a[F] for F using aF by (metis "deduction-theorem" "≡I")
7013    AOT_hence F (β[F]  a[F]) by (rule GEN)
7014    AOT_thus β = a
7015      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"] "&I" abs_β by blast
7016  qed
7017  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
7018    using "&I" "∃I" by fast
7019qed
7020
7021AOT_theorem "null-uni-uniq:3": ιx Null(x)
7022  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
7023
7024AOT_theorem "null-uni-uniq:4": ιx Universal(x)
7025  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
7026
7027AOT_define Null_object :: ‹κs (a)
7028  "df-null-uni-terms:1": a =df ιx Null(x)
7029
7030AOT_define Universal_object :: ‹κs (aV)
7031  "df-null-uni-terms:2": aV =df ιx Universal(x)
7032
7033AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
7034proof (rule "→I")
7035  AOT_assume Null(x)
7036  AOT_hence x_abs: A!x and x_null: ¬F x[F]
7037    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
7038  AOT_have ¬x[F] for F using x_null
7039    using "existential:2[const_var]" "reductio-aa:1"
7040    by metis
7041  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
7042  AOT_hence F ¬x[F] by (rule GEN)
7043  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
7044  moreover AOT_have F ¬x[F]  ¬F x[F]
7045    apply (rule RM)
7046    by (metis (full_types) "instantiation" "cqt:2[const_var]" "deduction-theorem"
7047                           "reductio-aa:1" "rule-ui:1" "vdash-properties:1[2]")
7048  ultimately AOT_have ¬F x[F]
7049    by (metis "→E")
7050  moreover AOT_have A!x using x_abs
7051    using "oa-facts:2" "vdash-properties:10" by blast
7052  ultimately AOT_have r: (A!x & ¬F x[F])
7053    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7054  AOT_show Null(x)
7055    by (AOT_subst Null(x) A!x & ¬F x[F])
7056       (auto simp: "df-null-uni:1" "≡Df" r)
7057qed  
7058
7059AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
7060proof (rule "→I")
7061  AOT_assume Universal(x)
7062  AOT_hence x_abs: A!x and x_univ: F x[F]
7063    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
7064  AOT_have x[F] for F using x_univ "∀E" by blast
7065  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
7066  AOT_hence F x[F] by (rule GEN)
7067  AOT_hence F x[F] by (rule BF[THEN "→E"])
7068  moreover AOT_have A!x using x_abs
7069    using "oa-facts:2" "vdash-properties:10" by blast
7070  ultimately AOT_have r: (A!x & F x[F])
7071    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
7072  AOT_show Universal(x)
7073    by (AOT_subst Universal(x) A!x & F x[F])
7074       (auto simp add: "df-null-uni:2" "≡Df" r)
7075qed
7076
7077AOT_theorem "null-uni-facts:3": Null(a)
7078  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
7079   apply (simp add: "null-uni-uniq:3")
7080  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
7081    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"], THEN "≡E"(1)]
7082  by blast
7083
7084AOT_theorem "null-uni-facts:4": Universal(aV)
7085  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
7086   apply (simp add: "null-uni-uniq:4")
7087  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
7088    "sc-eq-fur:2"[THEN "→E", OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"], THEN "≡E"(1)]
7089  by blast
7090
7091AOT_theorem "null-uni-facts:5": a  aV
7092proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
7093    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
7094    rule "≡dfI"[OF "=-infix"];
7095    rule "raa-cor:2")
7096  AOT_obtain x where nullx: Null(x)
7097    by (metis "instantiation" "df-null-uni-terms:1" "existential:1" "null-uni-facts:3"
7098              "null-uni-uniq:3" "rule-id-df:2:b[zero]")
7099  AOT_hence act_null: 𝒜Null(x) by (metis "nec-imp-act" "null-uni-facts:1" "vdash-properties:10")
7100  AOT_assume ιx Null(x) = ιx Universal(x)
7101  AOT_hence 𝒜x(Null(x)  Universal(x))
7102    using "actual-desc:5"[THEN "→E"] by blast
7103  AOT_hence x 𝒜(Null(x)  Universal(x))
7104    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
7105  AOT_hence 𝒜Null(x)  𝒜Universal(x)
7106    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
7107  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
7108  AOT_hence Universal(x) by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "vdash-properties:10")
7109  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
7110  moreover AOT_have ¬F x[F] using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
7111  ultimately AOT_show p & ¬p for p by (metis "cqt-further:1" "raa-cor:3" "vdash-properties:10")
7112qed
7113
7114AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
7115proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7116  AOT_show ιx([A!]x & F (x[F]  F  F))
7117    by (simp add: "A-descriptions")
7118next
7119  AOT_show a
7120    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7121       (simp add: "null-uni-uniq:3")
7122next
7123  AOT_have ιx([A!]x & F (x[F]  F  F))
7124    by (simp add: "A-descriptions")
7125  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
7126    using "rule=I:1" by blast
7127  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
7128    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"]; rule "&I")
7129    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:a[zero]" "vdash-properties:10")
7130    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7131next
7132  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
7133  proof (rule GEN)
7134    fix F
7135    AOT_have ¬a[F]
7136      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
7137         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3)
7138                "df-null-uni:1" "df-null-uni-terms:1" "existential:2[const_var]" "null-uni-facts:3"
7139                "raa-cor:2" "rule-id-df:2:a[zero]" "russell-axiom[enc,1].ψ_denotes_asm")
7140    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
7141    proof(rule "raa-cor:2")
7142      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
7143      AOT_hence 𝒜(F  F) using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
7144      moreover AOT_have ¬𝒜(F  F)
7145        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2) "=-infix" "raa-cor:3" by blast
7146      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
7147    qed
7148    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
7149      using "deduction-theorem" "≡I" "raa-cor:4" by blast
7150  qed
7151qed
7152
7153AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
7154proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
7155  AOT_show ιx([A!]x & F (x[F]  F = F))
7156    by (simp add: "A-descriptions")
7157next
7158  AOT_show aV
7159    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7160       (simp add: "null-uni-uniq:4")
7161next
7162  AOT_have ιx([A!]x & F (x[F]  F = F))
7163    by (simp add: "A-descriptions")
7164  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
7165    using "rule=I:1" by blast
7166  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
7167    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"]; rule "&I")
7168    apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "vdash-properties:10")
7169    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
7170next
7171  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
7172  proof (rule GEN)
7173    fix F
7174    AOT_have aV[F]
7175      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
7176      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]" "rule-ui:3" by blast
7177    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
7178      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
7179    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
7180      using "deduction-theorem" "≡I" by simp
7181  qed
7182qed
7183
7184AOT_theorem "aclassical:1": Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
7185proof(rule GEN)
7186  fix R
7187  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
7188    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7189  AOT_have a_enc: az [R]za]
7190  proof (rule "raa-cor:1")
7191    AOT_assume 0: ¬az [R]za]
7192    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7193      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
7194                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7195         "cqt:2[lambda]"
7196    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7197      using "cqt-further:4" "vdash-properties:10" by blast
7198    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za]) using "∀E" by blast
7199    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
7200      by (metis "&I" "deduction-theorem" "raa-cor:3")
7201    moreover AOT_have z [R]za] = z [R]za]
7202      by (rule "=I") "cqt:2[lambda]"
7203    ultimately AOT_have az [R]za] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7204    AOT_thus az [R]za] & ¬az [R]za]
7205      using 0 "&I" by blast
7206  qed
7207  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
7208    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7209  then AOT_obtain b where b_prop: A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
7210    using "∃E"[rotated] by blast
7211  AOT_have a  b
7212    apply (rule "≡dfI"[OF "=-infix"])
7213    using a_enc b_prop[THEN "&E"(2)]
7214    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7215  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
7216    using b_prop "&E" a_prop "&I" by meson
7217  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
7218  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
7219qed
7220
7221AOT_theorem "aclassical:2": Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
7222proof(rule GEN)
7223  fix R
7224  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
7225    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7226  AOT_have a_enc: az [R]az]
7227  proof (rule "raa-cor:1")
7228    AOT_assume 0: ¬az [R]az]
7229    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7230      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
7231                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated])
7232         "cqt:2[lambda]"
7233    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7234      using "cqt-further:4" "vdash-properties:10" by blast
7235    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az]) using "∀E" by blast
7236    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
7237      by (metis "&I" "deduction-theorem" "raa-cor:3")
7238    moreover AOT_have z [R]az] = z [R]az]
7239      by (rule "=I") "cqt:2[lambda]"
7240    ultimately AOT_have az [R]az] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7241    AOT_thus az [R]az] & ¬az [R]az]
7242      using 0 "&I" by blast
7243  qed
7244  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
7245    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated]) "cqt:2[lambda]"
7246  then AOT_obtain b where b_prop: A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
7247    using "∃E"[rotated] by blast
7248  AOT_have a  b
7249    apply (rule "≡dfI"[OF "=-infix"])
7250    using a_enc b_prop[THEN "&E"(2)]
7251    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7252  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
7253    using b_prop "&E" a_prop "&I" by meson
7254  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
7255  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
7256qed
7257
7258AOT_theorem "aclassical:3": Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
7259proof(rule GEN)
7260  fix R
7261  AOT_obtain a where a_prop: A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
7262    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
7263  AOT_have z [R]a] by "cqt:2[lambda]"
7264  (* TODO: S should no longer be necessary *)
7265  then AOT_obtain S where S_def: S = z [R]a]
7266    by (metis "instantiation" "rule=I:1" "existential:1" id_sym)
7267  AOT_have a_enc: a[S]
7268  proof (rule "raa-cor:1")
7269    AOT_assume 0: ¬a[S]
7270    AOT_hence ¬y(A!y & S = z [R]y] & ¬y[S])
7271      by (rule a_prop[THEN "&E"(2), THEN "∀E"(2)[where β=S],
7272                THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1), rotated]) 
7273    AOT_hence y ¬(A!y & S = z [R]y] & ¬y[S])
7274      using "cqt-further:4" "vdash-properties:10" by blast
7275    AOT_hence ¬(A!a & S = z [R]a] & ¬a[S]) using "∀E" by blast
7276    AOT_hence (A!a & S = z [R]a])  a[S]
7277      by (metis "&I" "deduction-theorem" "raa-cor:3")
7278    moreover AOT_have S = z [R]a] using S_def .
7279    ultimately AOT_have a[S] using a_prop[THEN "&E"(1)] "→E" "&I" by blast
7280    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
7281  qed
7282  AOT_hence y(A!y & S = z [R]y] & ¬y[S])
7283    by (rule a_prop[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1), rotated])
7284  then AOT_obtain b where b_prop: A!b & S = z [R]b] & ¬b[S]
7285    using "∃E"[rotated] by blast
7286  AOT_have 1: a  b
7287    apply (rule "≡dfI"[OF "=-infix"])
7288    using a_enc b_prop[THEN "&E"(2)]
7289    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a" "raa-cor:3" "reductio-aa:1" by fast
7290  AOT_have a:  [R]a] = ([R]a)
7291    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7292    by (meson "log-prop-prop:2")
7293  AOT_have b:  [R]b] = ([R]b)
7294    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
7295    by (meson "log-prop-prop:2")
7296  AOT_have  [R]a] =  [R]b]
7297    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
7298    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
7299    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
7300     apply (rule "rule=E"[rotated, OF S_def])
7301    using b_prop "&E" apply blast
7302    apply (safe intro!: "&I")
7303    by (simp add: "log-prop-prop:2")+
7304  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
7305    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)] "&I" by auto
7306  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
7307  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
7308qed
7309
7310AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
7311proof -
7312  AOT_have x y ([A!]x & [A!]y & x  y &
7313               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7314    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
7315       "cqt:2[lambda]"
7316  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
7317               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7318    using "∃E"[rotated] by blast
7319  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
7320               z xy F ([F]x  [F]y)]zx] = z xy F ([F]x  [F]y)]zy])
7321    using "∃E"[rotated] by blast
7322  AOT_have z xy F ([F]x  [F]y)]zx]x
7323    apply (rule "β←C"(1))
7324      apply "cqt:2[lambda]"
7325     apply (fact "cqt:2[const_var]"[axiom_inst])
7326    apply (rule "β←C"(1))
7327      apply "cqt:2[lambda]"
7328    apply (simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3")
7329    by (simp add: "oth-class-taut:3:a" "universal-cor")
7330  AOT_hence z xy F ([F]x  [F]y)]zy]x
7331    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
7332  AOT_hence xy F ([F]x  [F]y)]xy
7333    by (rule "β→C"(1))
7334  AOT_hence F ([F]x  [F]y)
7335    using "β→C"(1) old.prod.case by fast
7336  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y) using 0 "&E" "&I" by blast
7337  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
7338  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
7339qed
7340
7341AOT_theorem "kirchner-thm:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7342proof(rule "≡I"; rule "→I")
7343  AOT_assume x φ{x}]
7344  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
7345  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7346  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7347    AOT_modally_strict {
7348      fix x y
7349      AOT_assume 0: x φ{x}]
7350      moreover AOT_assume F([F]x  [F]y)
7351      ultimately AOT_have x φ{x}]x  x φ{x}]y
7352        using "∀E" by blast
7353      AOT_thus (φ{x}  φ{y})
7354        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7355    }
7356  qed
7357  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7358    using "→E" by blast
7359next
7360  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y}))  y(x(F([F]x  [F]y) & φ{x})  φ{y})
7361  proof(rule "RM:1"; rule "→I"; rule GEN)
7362    AOT_modally_strict {
7363      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7364      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
7365        using "∀E"(2) "→E" that by blast
7366      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
7367      proof (rule "raa-cor:1")
7368        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
7369        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y})  (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7370          using "≡E"(1) "oth-class-taut:4:h" by blast
7371        moreover {
7372          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
7373          AOT_obtain a where F([F]a  [F]y) & φ{a}
7374            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7375          AOT_hence φ{y} using indisc[THEN "≡E"(1)] "&E" by blast
7376          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7377        }
7378        moreover {
7379          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
7380          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
7381            using "&E"(1) "cqt-further:4" "→E" by blast
7382          AOT_hence ¬(F([F]y  [F]y) & φ{y}) using "∀E" by blast
7383          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
7384            using "≡E"(1) "oth-class-taut:5:c" by blast
7385          moreover AOT_have F([F]y  [F]y) by (simp add: "oth-class-taut:3:a" "universal-cor")
7386          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
7387          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7388        }
7389        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7390      qed
7391    }
7392  qed
7393  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7394  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
7395    using "→E" by blast
7396  AOT_thus x φ{x}]
7397    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7398qed
7399
7400AOT_theorem "kirchner-thm:2": x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7401proof(rule "≡I"; rule "→I")
7402  AOT_assume x1...xn φ{x1...xn}]
7403  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "vdash-properties:10")
7404  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7405  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
7406    AOT_modally_strict {
7407      fix x1xn y1yn :: 'a AOT_var›
7408      AOT_assume 0: x1...xn φ{x1...xn}]
7409      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7410      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn  x1...xn φ{x1...xn}]y1...yn
7411        using "∀E" by blast
7412      AOT_thus (φ{x1...xn}  φ{y1...yn})
7413        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
7414    }
7415  qed
7416  ultimately AOT_show x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7417    using "→E" by blast
7418next
7419  AOT_have (x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))) 
7420            y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7421  proof(rule "RM:1"; rule "→I"; rule GEN)
7422    AOT_modally_strict {
7423      AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7424      AOT_hence indisc: φ{x1...xn}  φ{y1...yn} if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
7425        using "∀E"(2) "→E" that by blast
7426      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn} for y1yn
7427      proof (rule "raa-cor:1")
7428        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7429        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}) 
7430                    (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & φ{y1...yn})
7431          using "≡E"(1) "oth-class-taut:4:h" by blast
7432        moreover {
7433          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) & ¬φ{y1...yn}
7434          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
7435            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
7436          AOT_hence φ{y1...yn} using indisc[THEN "≡E"(1)] "&E" by blast
7437          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7438        }
7439        moreover {
7440          AOT_assume 0: (¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))) & φ{y1...yn})
7441          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
7442            using "&E"(1) "cqt-further:4" "→E" by blast
7443          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn}) using "∀E" by blast
7444          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
7445            using "≡E"(1) "oth-class-taut:5:c" by blast
7446          moreover AOT_have F([F]y1...yn  [F]y1...yn)
7447            by (simp add: "oth-class-taut:3:a" "universal-cor")
7448          ultimately AOT_have ¬φ{y1...yn} by (metis "¬¬I" "∨E"(2))
7449          AOT_hence p & ¬p for p using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
7450        }
7451        ultimately AOT_show p & ¬p for p using "∨E"(3) "raa-cor:1" by blast
7452      qed
7453    }
7454  qed
7455  moreover AOT_assume x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7456  ultimately AOT_have y1...∀yn((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))  φ{y1...yn})
7457    using "→E" by blast
7458  AOT_thus x1...xn φ{x1...xn}]
7459    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2[lambda]"
7460qed
7461
7462AOT_theorem "kirchner-thm-cor:1": x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
7463proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7464  fix x y
7465  AOT_assume x φ{x}]
7466  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7467    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
7468  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
7469    using CBF[THEN "→E"] by blast
7470  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7471    using "∀E" by blast
7472  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
7473    using CBF[THEN "→E"] by blast
7474  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
7475    using "∀E" by blast
7476  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
7477    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7478  moreover AOT_assume F([F]x  [F]y)
7479  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
7480qed
7481
7482AOT_theorem "kirchner-thm-cor:2":
7483  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn(F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7484proof(rule "→I"; rule GEN; rule GEN; rule "→I")
7485  fix x1xn y1yn
7486  AOT_assume x1...xn φ{x1...xn}]
7487  AOT_hence 0: x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7488    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
7489  AOT_have x1...∀xny1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7490  proof(rule GEN; rule GEN)
7491    fix x1xn y1yn
7492    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7493      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
7494      using "∀E" by blast
7495  qed
7496  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7497    using "∀E" by blast
7498  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7499    using "∀E" by blast
7500  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
7501    using "∀E" by blast
7502  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
7503    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7504  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
7505  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2[lambda]"
7506  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn  x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7507    using "∀E" by blast
7508  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
7509    apply (rule "β←C"(1))
7510      apply "cqt:2[lambda]"
7511     apply (fact "cqt:2[const_var]"[axiom_inst])
7512    by (simp add: RN GEN "oth-class-taut:3:a")
7513  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn using "≡E"(2) by blast
7514  AOT_hence F ([F]x1...xn  [F]y1...yn)
7515    using "β→C"(1) by blast
7516  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
7517qed
7518
7519AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
7520  "prop-prop1": Propositional([F]) df p(F = y p])
7521
7522AOT_theorem "prop-prop2:1": p y p]
7523  by (rule GEN) "cqt:2[lambda]"
7524
7525AOT_theorem "prop-prop2:2": ν φ]
7526  by "cqt:2[lambda]"
7527
7528AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
7529proof (rule "→I")
7530  AOT_assume 0: F = y p]
7531  AOT_show x([F]x  p)
7532    by (rule "rule=E"[rotated, OF 0[symmetric]]; rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
7533      "cqt:2[lambda]"
7534qed
7535
7536AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
7537proof(rule "→I")
7538  AOT_assume Propositional([F])
7539  AOT_hence p(F = y p]) using "≡dfE"[OF "prop-prop1"] by blast
7540  then AOT_obtain p where F = y p] using "∃E"[rotated] by blast
7541  AOT_hence (F = y p]) using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
7542  AOT_hence p (F = y p]) using "∃I" by fast
7543  AOT_hence 0: p (F = y p]) by (metis Buridan "vdash-properties:10")
7544  AOT_thus Propositional([F])
7545    using "prop-prop1"[THEN "≡Df"]
7546    by (AOT_subst Propositional([F]) p (F = y p])) auto
7547qed
7548
7549AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
7550  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
7551
7552AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
7553proof(rule "→I")
7554  AOT_assume Propositional([Π])
7555  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
7556  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
7557  AOT_show Indiscriminate([Π])
7558  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7559    AOT_show Π
7560      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
7561  next
7562    AOT_show (x [Π]x  x [Π]x)
7563    proof (rule "rule=E"[rotated, OF Π_def[symmetric]]; rule RN; rule "→I"; rule GEN)
7564      AOT_modally_strict {
7565        AOT_assume x y p]x
7566        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
7567        AOT_hence 0: p by (metis "β→C"(1))
7568        AOT_show y p]x for x
7569          apply (rule "β←C"(1))
7570            apply "cqt:2[lambda]"
7571           apply (fact "cqt:2[const_var]"[axiom_inst])
7572          by (fact 0)
7573      }
7574    qed
7575  qed
7576qed
7577
7578AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
7579proof (rule "→I")
7580  AOT_assume Necessary([F])
7581  AOT_hence 0: x1...∀xn [F]x1...xn using "≡dfE"[OF "contingent-properties:1"] by blast
7582  AOT_show Indiscriminate([F])
7583    by (rule "≡dfI"[OF "prop-indis"])
7584       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "vdash-properties:6") 
7585qed
7586
7587AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
7588proof (rule "→I")
7589  AOT_modally_strict {
7590    AOT_have x ¬[F]x  (x [F]x  x [F]x)
7591      by (metis "instantiation" "cqt-orig:3" "Hypothetical Syllogism" "deduction-theorem" "raa-cor:3")
7592  }
7593  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
7594    by (rule "RM:1")
7595  AOT_assume Impossible([F])
7596  AOT_hence x ¬[F]x using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
7597  AOT_hence 1: (x [F]x  x [F]x) using 0 "→E" by blast
7598  AOT_show Indiscriminate([F])
7599    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
7600       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
7601qed
7602
7603AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
7604proof(rule "raa-cor:2")
7605  AOT_assume Indiscriminate([E!])
7606  AOT_hence 0: (x [E!]x  x [E!]x)
7607    using "≡dfE"[OF "prop-indis"] "&E" by blast
7608  AOT_hence x [E!]x  x [E!]x
7609    using "KBasic:13" "vdash-properties:10" by blast
7610  moreover AOT_have x [E!]x
7611    by (simp add: "thm-cont-e:3")
7612  ultimately AOT_have x [E!]x
7613    by (metis "vdash-properties:6")
7614  AOT_thus p & ¬p for p
7615    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
7616qed
7617
7618AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
7619proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]]; rule "raa-cor:2")
7620  AOT_assume Indiscriminate(x ¬[E!]x])
7621  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
7622    using "≡dfE"[OF "prop-indis"] "&E" by blast
7623  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
7624    using "→E" "qml:1" "vdash-properties:1[2]" by blast
7625  moreover AOT_have x x ¬[E!]x]x
7626    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
7627    apply (rule "beta-C-meta"[THEN "→E"])
7628     apply "cqt:2[lambda]"
7629    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2" "o-objects-exist:5" "vdash-properties:10")
7630  ultimately AOT_have 1: x x ¬[E!]x]x
7631    by (metis "vdash-properties:6")
7632  AOT_hence x ¬[E!]x
7633    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
7634       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
7635  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
7636  moreover AOT_obtain a where abs_a: O!a
7637    using "instantiation" "o-objects-exist:1" "qml:2" "vdash-properties:1[2]" "vdash-properties:6" by blast
7638  ultimately AOT_have ¬[E!]a using "∀E" by blast
7639  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
7640  AOT_have A!a
7641    apply (rule "=dfI"(2)[OF AOT_abstract])
7642     apply "cqt:2[lambda]"
7643    apply (rule "β←C"(1))
7644      apply "cqt:2[lambda]"
7645    using "cqt:2[const_var]"[axiom_inst] apply blast
7646    by (fact 2)
7647  AOT_thus p & ¬p for p using abs_a
7648    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
7649qed
7650
7651AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
7652proof(rule "raa-cor:2")
7653  AOT_assume Indiscriminate(O!)
7654  AOT_hence 0: (x O!x  x O!x)
7655    using "≡dfE"[OF "prop-indis"] "&E" by blast
7656  AOT_hence x O!x  x O!x
7657    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7658  moreover AOT_have x O!x
7659    using "o-objects-exist:1" by blast
7660  ultimately AOT_have x O!x
7661    by (metis "vdash-properties:6")
7662  AOT_thus p & ¬p for p
7663    by (metis "o-objects-exist:3" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7664qed
7665
7666AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
7667proof(rule "raa-cor:2")
7668  AOT_assume Indiscriminate(A!)
7669  AOT_hence 0: (x A!x  x A!x)
7670    using "≡dfE"[OF "prop-indis"] "&E" by blast
7671  AOT_hence x A!x  x A!x
7672    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
7673  moreover AOT_have x A!x
7674    using "o-objects-exist:2" by blast
7675  ultimately AOT_have x A!x
7676    by (metis "vdash-properties:6")
7677  AOT_thus p & ¬p for p
7678    by (metis "o-objects-exist:4" "qml:2" "raa-cor:3" "vdash-properties:10" "vdash-properties:1[2]")
7679qed
7680
7681AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
7682  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
7683
7684AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
7685  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
7686
7687AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
7688  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
7689
7690AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
7691  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
7692
7693AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
7694proof(rule "→I")
7695  AOT_assume p (F = y p])
7696  AOT_hence p (F = y p])
7697    by (metis "BF◇" "vdash-properties:10")
7698  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7699  AOT_hence F = y p] by (metis "derived-S5-rules:2" emptyE "id-nec:2" "vdash-properties:6")
7700  AOT_thus p(F = y p]) by (rule "∃I")
7701qed
7702
7703AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
7704proof(rule "→I")
7705  AOT_assume p (F  y p])
7706  AOT_hence (F  y p]) for p
7707    using "∀E" by blast
7708  AOT_hence (F  y p]) for p
7709    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7710  AOT_hence p (F  y p]) by (rule GEN)
7711  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
7712qed
7713
7714AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
7715proof(rule "→I")
7716  AOT_assume p (F = y p])
7717  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
7718  AOT_hence (F = y p]) by (metis "id-nec:2" "vdash-properties:6")
7719  AOT_hence p(F = y p]) by (rule "∃I")
7720  AOT_thus p(F = y p]) by (metis Buridan "vdash-properties:10")
7721qed
7722
7723AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
7724proof(rule "→I")
7725  AOT_assume p (F  y p])
7726  AOT_hence p (F  y p]) by (metis "Buridan◇" "vdash-properties:10")
7727  AOT_hence (F  y p]) for p
7728    using "∀E" by blast
7729  AOT_hence F  y p] for p
7730    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2[lambda]"
7731  AOT_thus p (F  y p]) by (rule GEN)
7732qed
7733
7734AOT_theorem "enc-prop-nec:1": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7735proof(rule "→I"; rule GEN; rule "→I")
7736  fix F
7737  AOT_assume F (x[F]  p(F = y p]))
7738  AOT_hence F (x[F]  p(F = y p]))
7739    using "Buridan◇" "vdash-properties:10" by blast
7740  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
7741  AOT_assume x[F]
7742  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
7743  AOT_hence p(F = y p])
7744    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
7745  AOT_thus p(F = y p])
7746    using "prop-prop-nec:1"[THEN "→E"] by blast
7747qed
7748
7749AOT_theorem "enc-prop-nec:2": F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
7750  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
7751  by blast
7752
7753(*<*)
7754end
7755(*>*)